3 matches found
CVE-2013-6768
The CVE-2013-6768 entry describes an untrusted search path vulnerability in CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier. A crafted PATH for /system/xbin/su can trigger the Dalvik VM to launch a Trojan horse app_process, enabling privilege-related risk. C...
Superuser unsanitized environment vulnerability on Android <= 4.2.x
Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...
Android 4.2.x Superuser Unsanitized Environment
Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...