28 matches found
EUVD-2006-0622
Malware in sbrugna...
EUVD-2006-0624
Malware in sbrugna...
EUVD-2006-0623
Malware in sbrugna...
EUVD-2006-0621
Malware in sbrugna...
Android Browser and WebView addJavascriptInterface Code Execution
This module exploits a privilege escalation issue in Android 4.2's WebView component that arises when untrusted Javascript code is executed by a WebView that has one or more Interfaces added to it. The untrusted Javascript code can call into the Java Reflection APIs exposed by the Interface and...
Android Browser and WebView addJavascriptInterface Code Execution
This Metasploit module exploits a privilege escalation issue in Android versions prior 4.2's WebView component that arises when untrusted Javascript code is executed by a WebView that has one or more Interfaces added to it. The untrusted Javascript code can call into the Java Reflection APIs...
Android Browser / WebView addJavascriptInterface Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Android", :arch = ARCHARMLE, :javascript = true, :rank = ExcellentRanking, :vulntest = %Q| for i in top try...
Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/android' class MetasploitModule OperatingSystems::Match::ANDROID, :arch = ARCHARMLE, :javascript = true, :rank =...
GLSA-200602-07 : Sun JDK/JRE: Applet privilege escalation
The remote host is affected by the vulnerability described in GLSA-200602-07 Sun JDK/JRE: Applet privilege escalation Applets executed using JRE or JDK can use 'reflection' APIs functions to elevate its privileges beyond the sandbox restrictions. Adam Gowdiak discovered five vulnerabilities that...
CVE-2006-0614
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.116 and 1.4.x through 1.4.208 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue."...
Design/Logic Flaw
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."...
Design/Logic Flaw
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."...
Design/Logic Flaw
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.209 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."...
Design/Logic Flaw
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.116 and 1.4.x through 1.4.208 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue."...
CVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.209 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."...
CVE-2006-0617
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."...
CVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.209 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."...
CVE-2006-0614
CVE-2006-0614 concerns Sun JDK/JRE: Applets can escape the sandbox via reflection APIs, allowing remote privilege escalation. Affected products include Sun JDK/JRE 5.0 Update 3 and earlier, SDK/JRE 1.3.x through 1.3.1_16 and 1.4.x through 1.4.2_08. The vulnerability enables a malicious Java apple...
CVE-2006-0614
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.116 and 1.4.x through 1.4.208 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue."...
CVE-2006-0616
CVE-2006-0616 : Unspecified vulnerability in Sun Java JDK/JRE 5.0 Update 4 and earlier allows a remote attacker to bypass the Java sandbox and gain privileges through the reflection APIs (the so‑called “fourth issue”). Exploitation details are not provided in the documents, but multiple sources d...