Full Disclosure mailing list archives
Re: CVE request: remote code execution in Android CTS
From: Jann Horn <jann () thejh net>
Date: Mon, 20 Oct 2014 08:21:03 +0200
On Sun, Oct 19, 2014 at 07:28:33PM +1000, Lord Tuskington wrote:
> CTS parses api-coverage.xsl without providing the FEATURE_SECURE_PROCESSING option. See lines 60-67 of cts/tools/cts-api-coverage/src/com/android/cts/apicoverage/HtmlReport.java:
>
> InputStream xsl = CtsApiCoverage.class.getResourceAsStream("/api-coverage.xsl");

Is this file on the android device or on the PC?

> <xsl:variable name="Command"><![CDATA[calc.exe]]></xsl:variable>

This causes calc.exe to be run on the PC, right?