Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ClockWorkMod Superuser Package Environment Search Path 不可信搜索路径漏洞
Vulnerability Description
CyanogenMod/ClockWorkMod/Koush Superuser是一套用于Android平台中的超级用户授权工具。该工具通过授予应用程序root权限,可掌握手机的控制权。 Android 4.2.x及之前版本的CyanogenMod/ClockWorkMod/Koush Superuser程序包1.0.2.1版本中存在不可信搜索路径漏洞。攻击者可借助/system/xbin/su进程的特制PATH环境变量利用该漏洞执行木马app_process程序。
CVSS Information
N/A
Vulnerability Type
N/A