Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an arbitrary .jar file and gain privileges via a crafted BOOTCLASSPATH environment variable for a /system/xbin/su process. NOTE: another researcher was unable to reproduce this with ChainsDD Superuser.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多个Android Superuser Packages Search Path 不可信搜索路径漏洞
Vulnerability Description
ChainsDD Superuser等都是用于Android平台中的超级用户授权工具。该工具通过授予应用程序root权限,可掌握手机的控制权。 Android 4.2.x及之前版本的ChainsDD Superuser程序包3.1.3版本,Android 4.2.x及之前版本的CyanogenMod/ClockWorkMod/Koush Superuser程序包1.0.2.1版本,Android 4.2.x及之前版本的Chainfire SuperSU程序包1.69版本中存在不可信搜索路径漏洞。远程攻击者
CVSS Information
N/A
Vulnerability Type
N/A