Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2011-2357 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
Google Android Operating systems & Components / Operating system |
Vendor |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU44801
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2011-2357
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a URI to the targeted domain into the current tab, or (2) making two startActivity function calls beginning with the targeted domain's URI followed by the malicious Javascript while the UI focus is still associated with the targeted domain.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Android: 2.3.4 - 3.1
CPE2.3 External linkshttp://android.git.kernel.org/?p=platform/cts.git;a=commit;h=7e48fb87d48d27e65942b53b7918288c8d740e17
http://android.git.kernel.org/?p=platform/packages/apps/Browser.git;%20a=commit;h=096bae248453abe83cbb2e5a2c744bd62cdb620b
http://android.git.kernel.org/?p=platform/packages/apps/Browser.git;%20a=commit;h=afa4ab1e4c1d645e34bd408ce04cadfd2e5dae1e
http://blog.watchfire.com/files/advisory-android-browser.pdf
http://blog.watchfire.com/wfblog/2011/08/android-browser-cross-application-scripting-cve-2011-2357.html
http://osvdb.org/74260
http://seclists.org/fulldisclosure/2011/Aug/9
http://secunia.com/advisories/45457
http://securityreason.com/securityalert/8335
http://securitytracker.com/id?1025881
http://www.infsec.cs.uni-saarland.de/projects/android-vuln/
http://www.infsec.cs.uni-saarland.de/projects/android-vuln/android_xss.pdf
http://www.securityfocus.com/archive/1/519146/100/0/threaded
http://www.securityfocus.com/bid/48954
http://exchange.xforce.ibmcloud.com/vulnerabilities/68937
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.