The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
References
Link | Resource |
---|---|
http://www.securityfocus.com/archive/1/529797 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-03-30T10:00:00
Updated: 2014-03-30T06:57:00
Reserved: 2013-11-10T00:00:00
Link: CVE-2013-6775
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-03-31T14:58:57.807
Modified: 2014-03-31T19:08:03.077
Link: CVE-2013-6775
JSON object: View
Redhat Information
No data.
CWE