3 matches found
CVE-2021-0334
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0334
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0334
CVE-2021-0334 is a vulnerability in the Android Framework affecting Android 8.1–11 where ResolverActivity.java’s onTargetSelected allows a malicious app to bypass domain-handling settings and register as the default handler for arbitrary domains. This can lead to local privilege elevation with no...