CVE-2014-7952

Опубликовано: 12 янв. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.

Ссылки

http://packetstormsecurity.com/files/132645/ADB-Backup-APK-Injection.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2015/Jul/46
Exploit
Mailing List
Third Party Advisory
http://www.search-lab.hu/about-us/news/110-android-adb-backup-apk-injection-vulnerability
Exploit
Third Party Advisory
http://www.securityfocus.com/archive/1/535980/100/0/threaded
http://www.securityfocus.com/bid/75705
Third Party Advisory
VDB Entry
https://github.com/irsl/ADB-Backup-APK-Injection/
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/132645/ADB-Backup-APK-Injection.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2015/Jul/46
Exploit
Mailing List
Third Party Advisory
http://www.search-lab.hu/about-us/news/110-android-adb-backup-apk-injection-vulnerability
Exploit
Third Party Advisory
http://www.securityfocus.com/archive/1/535980/100/0/threaded
http://www.securityfocus.com/bid/75705
Third Party Advisory
VDB Entry
https://github.com/irsl/ADB-Backup-APK-Injection/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00121

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-6c52-8fqm-4g2v