5 matches found
CVE-2017-13315
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is no...
CVE-2020-0166
In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Privilege escalation
In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0166
CVE-2020-0166 affects Android 10, where in multiple functions of URI.java a missing validation during parceling of URI information can lead to local privilege escalation. The Android Security Bulletin (Pixel Update Bulletin) lists CVE-2020-0166 under the Android runtime with Updated AOSP version ...
CVE-2020-0166
In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...