2 matches found
CVE-2020-0115
In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
CVE-2020-0115
CVE-2020-0115 is a local elevation-of-privilege vulnerability in Android’s PackageManagerService (verifyIntentFiltersIfNeeded) that could let a malicious app become the default handler for arbitrary domains, bypassing intended privileges with no user interaction. Affected: Android 8.0–8.1, 9, and...