Lucene search
K

26 matches found

CVE
CVE
added 2017/07/07 5:0 p.m.52 views

CVE-2014-7953

CVE-2014-7953 describes a race condition in Android 4.4.4’s ActivityManagerService.bindBackupAgent that lets a local user with adb shell execute code as system by coordinating an adb install with a crafted logcat script to force bindBackupAgent to use an ApplicationInfo uid of 1000. The flaw stem...

7CVSS7AI score0.00308EPSS
Exploits0References4Affected Software1
0day.today
0day.today
added 2015/04/19 12:0 a.m.79 views

Android OS 4.4.4 Backup Agent Arbitrary Code Execution Vulnerability

The Android backup agent implementation was vulnerable to privilege escalation and race condition. An attacker with adb shell access could run arbitrary code as the system 1000 user or any other valid package. The attack is tested on Android OS 4.4.4. Android backup agent arbitrary code execution...

1.6CVSS0.9AI score0.01074EPSS
Exploits6
NVD
NVD
added 2014/03/31 2:58 p.m.39 views

CVE-2013-6770

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows attackers to gain privileges by leveraging ADB shell access and a certain Linux UID, and then...

7.6CVSS6.8AI score0.00668EPSS
Exploits3References1
Cvelist
Cvelist
added 2014/03/30 10:0 a.m.47 views

CVE-2013-6770

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows attackers to gain privileges by leveraging ADB shell access and a certain Linux UID, and then...

6.8AI score0.00668EPSS
Exploits3References1
0day.today
0day.today
added 2013/11/15 12:0 a.m.104 views

Android 4.3 Superuser Root Privilege Escalation Vulnerability

The Superuser package for Android 4.3 allows a user to spawn /system/xbin/su with manipulated environment variables to execute code as root. Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser package may allow restricted local users to execute arbitrary commands as root in certain,...

7.4AI score0.00668EPSS
Exploits3
Packet Storm
Packet Storm
added 2013/11/14 12:0 a.m.86 views

Android 4.3 Superuser Root Privilege Escalation

Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser package may allow restricted local users to execute arbitrary commands as root in certain, non-default device configurations. Android 4.3 introduced the concept of "restricted profiles," created through the Settings - Users menu. A...

7.6CVSS0.8AI score0.00668EPSS
Exploits3
Rows per page
Query Builder