Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x
Nov 14 2013 08:19PM
Kevin Cernekee (cernekee gmail com)
On Thu, Nov 14, 2013 at 7:44 AM, Gleb O. Raiko <raiko (at) niisi.msk (dot) ru [email concealed]> wrote:
> Considering ChainsDD Superuser you mentioned.
> Unfortunately, your mail describes just potential attack vectors. While I
> can't say for sure, Superuser isn't vulnerable at all, I'd like to note that
> su invokes the am sc...
[ more ]
Copyright 2010, SecurityFocus