Google Android 'SQLiteDatabase.java' Remote Security Bypass Vulnerability
BID:68912
CVE-2014-4959 |Info
Google Android 'SQLiteDatabase.java' Remote Security Bypass Vulnerability
| Bugtraq ID: | 68912 |
| Class: | Design Error |
| CVE: |
CVE-2014-4959 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 26 2014 12:00AM |
| Updated: | Jul 26 2014 12:00AM |
| Credit: | MS - SecVeritas.com |
| Vulnerable: |
Google Android 0 |
| Not Vulnerable: | |
Discussion
Google Android 'SQLiteDatabase.java' Remote Security Bypass Vulnerability
Google Android is prone to a remote security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks.
Google Android is prone to a remote security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks.
Exploit / POC
Google Android 'SQLiteDatabase.java' Remote Security Bypass Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Google Android 'SQLiteDatabase.java' Remote Security Bypass Vulnerability
References:
References:
- Android Homepage (Google)
- SECV-07-1403 - Android SQLi Api - SQL Injection on delete() method (seclists.org)