CVE-2016-2496

The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers to conduct tapjacking attacks and access arbitrary private-storage files by creating a partially overlapping window, aka internal bug 26677796...

CVE-2016-2496

The CVE-2016-2496 issue concerns the Framework UI permission-dialog in Android 6.x before 2016-06-01. A partially overlapping window allows tapjacking and access to arbitrary private-storage files due to an internal bug (26677796). The vulnerability’s impact is described as elevated access to pri...

PT-2016-2202 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android 6.x versions prior to 2016-06-01 Description: The issue is related to the Framework UI permission-dialog implementation, which allows attackers to conduct tapjacking attacks. This can be achieved by creating a partially overlapping...

QARK - Tool to look for several security related Android application vulnerabilities

Q uick A ndroid R eview K it - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the...

The vulnerability of Google Chrome browser allows a malicious intruder to perform actions that are not intended by the browser interface.

The vulnerability of Google Chrome lies in the improper handling of screen events by the user when navigating through web pages. As a result of exploiting this vulnerability, an attacker who operates remotely, using a specially crafted website that implements a “tapjacking” attack, can perform...

CVE-2015-1241

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...

Code injection

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...

CVE-2015-1241

Chromium/Google Chrome vulnerability CVE-2015-1241 (tap-jacking) arises from how page navigation interacts with touch and gesture handling, allowing a crafted site to trigger remote UI actions. Affected product: Chromium-based browsers (Chrome). Root cause: interaction between navigation and touc...

CVE-2015-1241

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...

CVE-2015-1241

Removed by vendor...

CVE-2015-1241

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...

UBUNTU-CVE-2015-1241

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...