328 matches found
Privilege escalation
In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User...
CVE-2019-2043
In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User...
New Banking Trojan Can Launch Overlay Attacks on Latest Android Versions
Researchers have discovered a new Android banking trojan that holds striking similarities to the infamous Lokibot – but packed with new tricky features, most notably its ability to implement an overlay attack on Android 7 and 8. Researchers at ThreatFabric, who discovered the trojan, said...
VTech DigiGo 83.60630 Browser Overlay Attack
------------------------------------------------------------------------ Multiple vulnerabilities in VTech DigiGo allow browser overlay attack ------------------------------------------------------------------------ Sipke Mellema, September 2017...
Red Alert 2.0: New Android Banking Trojan for Sale on Hacking Forums
The Recent discoveries of dangerous variants of the Android banking Trojan families, including Faketoken, Svpeng, and BankBot, present a significant threat to online users who may have their login credentials and valuable personal data stolen. Security researchers from SfyLabs have now discovered...
CVE-2017-0492
An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation o...
Linux Kernel (x86) - Memory Sinkhole Privilege Escalation
Linux Kernel x86 - Memory Sinkhole Privilege Escalation ; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is...
Overlapping content can trick users into executing downloads – Opera Security Advisories
Dialogs such as the download dialog are usually displayed on top of page content, to ensure that the user knows that the dialog is requesting attention. In some cases, this policy was not implemented correctly in Opera, allowing certain page content to overlay the dialog. In these cases, clicking...