Koushik Dutta : Security Vulnerabilities, CVEs, (Directory traversal)
Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process.
Max CVSS
5.0
EPSS Score
0.15%
Published
2014-03-31
Updated
2014-03-31
1 vulnerabilities found