grasmeregingerbread.co.uk Cross Site Scripting vulnerability OBB-3222130

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Android Vulnerability Allows Applications to Make Unauthorized Calls without Permissions

A major vulnerability believed to be present in most versions of Android can allow a malicious Android applications on the Android app store to make phone calls on a user’s device, even when they lack the necessary permissions. The critical vulnerability was identified and reported to Google Inc...

Qualcomm Patches Privilege Escalation, DoS Vulnerabilities in Android Devices

Qualcomm has patched a handful of vulnerabilities in its devices that if exploited could leave Android OS kernels open to privilege escalation or denial of service DoS attacks. According to notes published earlier today by Michael Orlando, a vulnerability analyst at the United States Computer...

Gaining a Remote Shell on Android

The security of Android devices has come under quite a lot of scrutiny in recent months, with researchers identifying various root exploits and permission leaks that could be exploited. In this video, researcher Thomas Cannon of ViaForensics demonstrates a method for setting up a remote shell on ...

Android 'vold'释放后使用本地特权提升漏洞

Bugtraq ID: 50598 CVE ID：CVE-2011-4123 Open Handset Alliance Android是一款超过30家科技与移动电话公司所组成的团体开发的免费的移动电话平台。 在Android平台上"log"组的本地用户向vold "volume daemon"发送畸形消息，可触发基于栈的缓冲区溢出。通过释放任意堆对象触发释放后使用错误，可在所有Froyo 2.2.x和Gingerbread 2.4.x设备上提升特权。不过看起来在Honeycomb 3.x中已经得到修补。 Open Handset Alliance Android 2.3.5 Open...

Android Trojan GingerMaster Uses Gingerbread Root Exploit

Android Trojan GingerMaster Uses Gingerbread Root Exploit As our smartphones become more ubiquitous and more powerful, they need to be protected in much the same way that you would protect your computer. Further to this, a malicious piece of malware has been discovered for devices powered by...

Android Update Adds Protection From Mobile Clickjacking

Google released the latest version of its Android mobile operating system on Monday, adding security features that it says will make it tougher for mobile device users to be subjected to “clickjacking” attacks that trick them into clicking on hidden or disguised user interface elements. The compa...

Android Update Adds Protections For Mobile Clickjacking

Google released the latest version of its Android mobile operating system on Monday, adding security features that it says will make it tougher for mobile device users to be subjected to “clickjacking” attacks that trick them into clicking on hidden or disguised user interface elements. The compa...