Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2013-6768

Published: 31/03/2014 Updated: 31/03/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Superuser

Vulnerability Summary

Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and previous versions allows malicious users to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process.

Vulnerable Product Search on Vulmon Subscribe to Product

koushik_dutta superuser 1.0.2.1

Exploits

Exploit DB: Android 4.2.x Superuser Unsanitized Environment
Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner This advisoriy documents PATH and BOOTCLASSPATH vulnerabilities ...

References

CWE-22http://www.securityfocus.com/archive/1/529796https://nvd.nist.govhttps://packetstormsecurity.com/files/124015/Android-4.2.x-Superuser-Unsanitized-Environment.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook