[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] CVE request: remote code execution in Android CTS
From: Jann Horn <jann () thejh ! net>
Date: 2014-10-20 6:21:03
Message-ID: 20141020062103.GB5077 () pc ! thejh ! net
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Sun, Oct 19, 2014 at 07:28:33PM +1000, Lord Tuskington wrote:
> CTS parses api-coverage.xsl without providing the FEATURE_SECURE_PROCESSING
> option. See lines 60-67 of
> cts/tools/cts-api-coverage/src/com/android/cts/apicoverage/HtmlReport.java:
>
> InputStream xsl =
> CtsApiCoverage.class.getResourceAsStream("/api-coverage.xsl");
Is this file on the android device or on the PC?
> <xsl:variable name="Command"><![CDATA[calc.exe]]></xsl:variable>
This causes calc.exe to be run on the PC, right?
["signature.asc" (application/pgp-signature)]
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic