Ubuntu.comUB:CVE-2014-7951CVE-2014-7951
4.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.8%
Directory traversal vulnerability in the Android debug bridge (aka adb) in
Android 4.0.4 allows physically proximate attackers with a direct
connection to the target Android device to write to arbitrary files owned
by system via a … (dot dot) in the tar archive headers.
References
packetstormsecurity.com/files/131510/ADB-Backup-Traversal-File-Overwrite.html
seclists.org/fulldisclosure/2015/Apr/51
android.googlesource.com/platform/frameworks/base/+/7bc601d%5E!/#F0
launchpad.net/bugs/cve/CVE-2014-7951
nvd.nist.gov/vuln/detail/CVE-2014-7951
security-tracker.debian.org/tracker/CVE-2014-7951
www.cve.org/CVERecord?id=CVE-2014-7951
www.exploit-db.com/exploits/36813/
Related
4.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.8%