Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2357

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2357
Last Modified 21 Sep 2011 11:31:43
Published 12 Aug 2011 02:55:04
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2357

Summary

Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a URI to the targeted domain into the current tab, or (2) making two startActivity function calls beginning with the targeted domain's URI followed by the malicious Javascript while the UI focus is still associated with the targeted domain.

Vulnerable Systems

Operating System

  • Google Android 2.3.4

  • Google Android 3.1


References

FULLDISC - 20110802 Android Browser Cross-Application Scripting (CVE-2011-2357)

CONFIRM - http://android.git.kernel.org/?p=platform/packages/apps/Browser.git;%20a=commit;h=afa4ab1e4c1d645e34bd408ce04cadfd2e5dae1e

CONFIRM - http://android.git.kernel.org/?p=platform/packages/apps/Browser.git;%20a=commit;h=096bae248453abe83cbb2e5a2c744bd62cdb620b

CONFIRM - http://android.git.kernel.org/?p=platform/cts.git;a=commit;h=7e48fb87d48d27e65942b53b7918288c8d740e17

XF - android-sandbox-cas(68937)

BID - 48954

MISC - http://www.infsec.cs.uni-saarland.de/projects/android-vuln/android_xss.pdf

MISC - http://www.infsec.cs.uni-saarland.de/projects/android-vuln/

SECTRACK - 1025881

SREASON - 8335

SECUNIA - 45457

OSVDB - 74260

MISC - http://blog.watchfire.com/wfblog/2011/08/android-browser-cross-application-scripting-cve-2011-2357.html

MISC - http://blog.watchfire.com/files/advisory-android-browser.pdf


Last Updated: 27 May 2016 10:57:00