CVE-2013-6768

Published: Mar 30, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20131113 Superuser unsanitized environment vulnerability on Android <= 4.2.x

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-6768

Description

Affected Products

References