Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6775

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2013-6775
Last Modified 31 Mar 2014 03:08:03
Published 31 Mar 2014 10:58:57
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-6775

Summary

The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.

Vulnerable Systems

Application

  • Chainfire Supersu 1.69


References

BUGTRAQ - 20131113 Android Superuser shell character escape vulnerability


Last Updated: 27 May 2016 11:04:48