3 matches found
CVE-2013-6774
CVE-2013-6774 describes an untrusted search path vulnerability in Android Superuser implementations (ChainsDD Superuser 3.1.3, CyanogenMod/ClockWorkMod/Koush Superuser 1.0.2.1, Chainfire SuperSU before 1.69) on Android 4.2.x and earlier. The issue arises because BOOTCLASSPATH can be crafted to lo...
Superuser unsanitized environment vulnerability on Android <= 4.2.x
Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...
Android 4.2.x Superuser Unsanitized Environment
Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...