Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary JavaScript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a URI to the targeted domain into the current tab, or (2) making two startActivity function calls beginning with the targeted domain's URI followed by the malicious JavaScript while the UI focus is still associated with the targeted domain.
Vulnerable Product |
---|
google android 3.1 |
google android 2.3.4 |
Google has recently announced the forthcoming availability of Ice Cream Sandwich, Android 4.0. In such a short time, Android has seemingly come so far. I’d like to stop and take a look at the security improvements and additions featured in this release. Google’s Android debuted in November 2007 and with its steady rise in popularity we also saw researchers begin to search for holes. A number of vulnerabilities have been found from root exploits like Rage Against the Cage to cross application...