Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and previous versions, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and previous versions, and Chainfire SuperSU package prior to 1.69 for Android 4.2.x and previous versions allows malicious users to load an arbitrary .jar file and gain privileges via a crafted BOOTCLASSPATH environment variable for a /system/xbin/su process. NOTE: another researcher was unable to reproduce this with ChainsDD Superuser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chainfire supersu 1.69 |
||
androidsu chainsdd_superuser 3.1.3 |
||
koushik_dutta superuser 1.0.2.1 |