mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-15 15:58:01 +02:00
0xMarcio
1.7 KiB
1.7 KiB
CVE-2018-9468
Description
In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.
POC
Reference
No PoCs from references.
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/IOActive/AOSP-DownloadProviderDbDumper
- https://github.com/IOActive/AOSP-DownloadProviderHeadersDumper
- https://github.com/IOActive/AOSP-DownloadProviderHijacker
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/hectorgie/PoC-in-GitHub