Vulnerability Details : CVE-2011-2357
Potential exploit
Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a URI to the targeted domain into the current tab, or (2) making two startActivity function calls beginning with the targeted domain's URI followed by the malicious Javascript while the UI focus is still associated with the targeted domain.
Vulnerability category: Input validation
Products affected by CVE-2011-2357
- cpe:2.3:o:google:android:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-2357
EPSS score: 6.55% (probability of exploitation activity in the next 30 days)
Percentile: ~ 90% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2011-2357
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST | |
CWE ids for CVE-2011-2357
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2357
- http://blog.watchfire.com/files/advisory-android-browser.pdf
  Tags: Exploit
- http://seclists.org/fulldisclosure/2011/Aug/9
  Full Disclosure: Android Browser Cross-Application Scripting (CVE-2011-2357). Tags: Exploit; Patch
- http://android.git.kernel.org/?p=platform/packages/apps/Browser.git;%20a=commit;h=afa4ab1e4c1d645e34bd408ce04cadfd2e5dae1e
  Tags: Patch
- http://securitytracker.com/id?1025881
  Google Android Browser URL Loading Flaw Permits Cross-Application Scripting Attacks - SecurityTracker
- http://www.infsec.cs.uni-saarland.de/projects/android-vuln/android_xss.pdf
  Tags: Exploit
- http://securityreason.com/securityalert/8335
  Android Browser Cross-Application Scripting - CXSecurity.com
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68937
  Android sandbox cross-application scripting CVE-2011-2357 Vulnerability Report
- http://android.git.kernel.org/?p=platform/cts.git;a=commit;h=7e48fb87d48d27e65942b53b7918288c8d740e17
  Tags: Patch
- http://android.git.kernel.org/?p=platform/packages/apps/Browser.git;%20a=commit;h=096bae248453abe83cbb2e5a2c744bd62cdb620b
  Tags: Patch
- http://www.infsec.cs.uni-saarland.de/projects/android-vuln/
  Tags: Exploit
- http://www.securityfocus.com/bid/48954
  Open Handset Alliance Android Browser Sandbox Security Bypass Vulnerability. Tags: Exploit
- http://blog.watchfire.com/wfblog/2011/08/android-browser-cross-application-scripting-cve-2011-2357.html
  Tags: Exploit
- http://www.securityfocus.com/archive/1/519146/100/0/threaded
  SecurityFocus