4 matches found
CVE-2021-0481
In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
ASB-A-187702830
In cropPhoto of EditUserPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-0481
In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2021-0481
CVE-2021-0481 affects Android platform apps: in EditUserPhotoController.java, onActivityResult allows possible access to unauthorized files due to an unexpected URI handler, potentially enabling local escalation of privilege with user interaction. Affected Android versions include 8.1–11. The And...