Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7922

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-7922
Last Modified 23 Feb 2015 02:03:35
Published 22 Feb 2015 09:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-7922

Summary

The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding _opt_ parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scopes including the SID and LSID scopes, and consequently obtain access to a Google account, via a crafted application, as demonstrated by setting the has_permission=1 parameter value upon finding _opt_has_permission in that argument.

Vulnerable Systems

Application

  • Google Play Services Sdk 6.1


References

MISC - https://gist.github.com/isciurus/df4d7edd9c3efb4a0753

MISC - http://isciurus.blogspot.com/2015/01/android-app-with-full-control-over-your.html


Last Updated: 27 May 2016 11:07:54