12 matches found
CVE-2023-40111
In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of systemserver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2023-40111
In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of systemserver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
Google Android Resource Management Error Vulnerability (CNVD-2023-65157)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a resource management error vulnerability that originates from improper resource management in the setMediaButtonBroadcastReceiver module of MediaSessionRecord.java, which can be exploited by an...
Google Android Information Disclosure Vulnerability (CNVD-2023-82069)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates from a messy proxy in the setMetadata module of MediaSessionRecord.java, which can be exploited by an attacker to obtain sensitive...
CVE-2023-21285
CVE-2023-21285 affects Android’s MediaSessionRecord.java, where a flawed setMetadata function could allow a local attacker to view another user’s images via a confused deputy. The issue enables local information disclosure without additional execution privileges and does not require user interact...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates from a messy proxy in the setMetadata module of MediaSessionRecord.java, which can be exploited by an attacker to obtain sensitive...
Google Android 资源管理错误漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a resource management error vulnerability that originates from improper resource management in the setMediaButtonBroadcastReceiver module of MediaSessionRecord.java, which can be exploited by an...
ASB-A-271851153
In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-20964
In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local denial of service or escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
UBUNTU-CVE-2023-20964
In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local denial of service or escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20964
In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local denial of service or escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20964
The CVE-2023-20964 entry affects Android (Android-12/12L/13) via MediaSessionRecord.java, where an Intent rebroadcast in multiple functions can cause local denial of service or privilege escalation without extra execution privileges and with no user interaction required. The vulnerability is clas...