Lucene search
+L

6 matches found

NVD
NVD
added 2018/11/06 5:29 p.m.21 views

CVE-2018-9445

In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...

7.2CVSS6.7AI score0.0082EPSS
Exploits5References3
CVE
CVE
added 2018/11/06 5:0 p.m.99 views

CVE-2018-9445

CVE-2018-9445 describes a path traversal/privilege escalation chain in Android. The root issue: readMetadata in Utils.cpp can be fed a crafted label via blkid output that Vold uses to build a mount path, allowing a USB mass storage device to influence the path used for mounting (UUID/TYPE) and en...

7.2CVSS6.7AI score0.0082EPSS
Exploits5References3Affected Software1
0day.today
0day.today
added 2018/09/16 12:0 a.m.121 views

Android (zygote->init;) Chain from USB Privilege Escalation Exploit

Exploit for Android platform in category local exploits After reporting https://bugs.chromium.org/p/project-zero/issues/detail?id=1583 Android ID 80436257, CVE-2018-9445, I discovered that this issue could also be used to inject code into the context of the zygote. Additionally, I discovered a...

0.3AI score0.0082EPSS
Exploits5
exploitpack
exploitpack
added 2018/09/11 12:0 a.m.87 views

Android - zygote-init; Chain from USB Privilege Escalation

Android - zygote-init; Chain from USB Privilege Escalation After reporting https://bugs.chromium.org/p/project-zero/issues/detail?id=1583 Android ID 80436257, CVE-2018-9445, I discovered that this issue could also be used to inject code into the context of the zygote. Additionally, I discovered a...

7.2CVSS1AI score0.0082EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/09/11 12:0 a.m.124 views

Android - 'zygote->init;' Chain from USB Privilege Escalation

After reporting https://bugs.chromium.org/p/project-zero/issues/detail?id=1583 Android ID 80436257, CVE-2018-9445, I discovered that this issue could also be used to inject code into the context of the zygote. Additionally, I discovered a privilege escalation path from zygote to init; that...

7.2CVSS6.8AI score0.0082EPSS
Exploits5
Circl
Circl
added 2018/08/13 12:0 a.m.32 views

CVE-2018-9445

creationtimestamp| type| source ---|---|--- 2018-08-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45192...

7.2CVSS6.8AI score0.0082EPSS
Exploits5References1
Rows per page
Query Builder