vendor:
Android
by:
Itzhak Avraham, mj
7,8
CVSS
HIGH
Use-After-Free
416
CWE
Product Name: Android
Affected Version From: 2.0
Affected Version To: 2.1
Patch Exists: YES
Related CWE: CVE-2010-1807
CPE: o:google:android
Metasploit:
https://www.rapid7.com/db/vulnerabilities/google-android-cve-2010-1807/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-1807/, https://www.rapid7.com/db/vulnerabilities/apple-safari-cve-2010-1807/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-1807/, https://www.rapid7.com/db/vulnerabilities/apple-itunes-cve-2010-1807/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2011-0177/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Droid 2.1
2010
Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit
This exploit is a remote code execution vulnerability in Android 2.0/2.1 Webkit. It allows an attacker to execute arbitrary code on the vulnerable system. The vulnerability is triggered by creating a div element and setting its innerHTML to a specially crafted string. This causes a use-after-free condition which can be exploited to execute arbitrary code. The exploit code contains a NOP sled, shellcode, and IP address and port of the attacker's machine.
Mitigation:
The vulnerability is patched in Android 2.2. Users should update their devices to the latest version of Android.
