Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Race condition in AndroidTV TvSettings
Vulnerability Description
There exists a TOCTOU race condition in TvSettings AppRestrictionsFragment.java that lead to start of attacker supplied activity in Settings’ context, i.e. system-uid context, thus lead to launchAnyWhere. The core idea is to utilize the time window between the check of Intent and the use to Intent to change the target component’s state, thus bypass the original security sanitize function.
CVSS Information
N/A
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
Google Android TV 安全漏洞
Vulnerability Description
Google Android TV是美国谷歌(Google)公司的一个电视操作系统应用。 Google Android TV存在安全漏洞,该漏洞源于TOCTOU竞争条件,可能导致任意活动启动。
CVSS Information
N/A
Vulnerability Type
N/A