2 matches found
CVE-2023-40134
In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40134
CVE-2023-40134 concerns a local information disclosure in the Android UI code path. The vulnerability is described as a confused deputy in isFullScreen/FillUi.java that can allow viewing another user’s images without extra execution privileges and without user interaction. Public sources in the c...