vendor:
Android
by:
Unknown
7.5
CVSS
HIGH
Bypass of Browser Sandbox
94
CWE
Product Name: Android
Affected Version From: Android 2.3.4
Affected Version To: Android 3.1
Patch Exists: YES
Related CWE: CVE-2011-1823
CPE: o:google:android:2.3.4 cpe:/o:google:android:3.1
Metasploit:
https://www.rapid7.com/db/vulnerabilities/oracle_linux-cve-2022-31631/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2012-1045/, https://www.rapid7.com/db/vulnerabilities/google-android-cve-2011-1823/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2012-1046/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2012-1047/
Platforms Tested: Android
2011
Bypass of Browser Sandbox in Open Handset Alliance Android
The Open Handset Alliance Android is prone to a vulnerability that may allow a bypass of the browser sandbox. Successful exploits will allow attackers to execute arbitrary script code within the context of an arbitrary domain.
Mitigation:
Apply the latest security patches and updates from the Android vendor.