Celebrate Christmas with Huawei Community and Win a Laptop!

Topics

Android Auto Android Mods Android TV Apps & Games Themes Wear OS Connected Car Q&A

Has anyone looked at CVE-2014-8609?

Thread starter CovXX
Start date Apr 23, 2015

CovXX

Senior Member

Apr 23, 2015 at 3:00 PM

#1

With the latest OTA we're still vulnerable to "CVE-2014-8609" or "settings pending intent"

Summary from the full disclosure:

In Android = 4.0), Settings application leaks Pendingintent with a blank base intent (neither the component nor the action is explicitly set) to third party application, bad app can use this to broadcast intent with the same permissions and identity of the Settings application, which runs as SYSTEM uid. Thus bad app can broadcast sensitive intent with the permission of SYSTEM.

Now just give me some time

Last edited: Apr 24, 2015

Reactions: ncsuwolfs, AlexanderJohn and xm41907

You must log in or register to reply here.

Share:

Facebook Twitter Reddit WhatsApp Email Link

Huawei Christmas Win D15 Laptop

New posts

[ROM][H910|H918|LS997|US996|VS995|H990*] UNOFFICIAL LineageOS 18.1 for LG V20
- Latest: Franzoni55
- A moment ago
LG V20 ROMs, Kernels, Recoveries, & Other Developm
[ROM] [11.0.0] [polaris] ArrowOS 11.0 [OFFICIAL]
- Latest: palaych
- A moment ago
Xiaomi Mi Mix 2S ROMs, Kernels, Recoveries, & Othe
R
[ROM] [S7flat+S7edge Exynos](Pie)Arcatarc NfeSuperleggera®V4
- Latest: RoboNinjaR
- 1 minute ago
Samsung Galaxy S7 (Exynos) ROMs, Kernels, Recoveri
T
[GUIDE] [RAW Firmware] [RE-LOCK] Convert CN to->WW or WW to->CN Rom (20/12/2019)
- Latest: Terry_78
- 1 minute ago
ASUS ROG Phone II Guides, News, & Discussion
S
[TOOL] rkDumper (utility for backup firmware of RockChip's devices)
- Latest: ssota
- 1 minute ago
Upgrading, Modifying and Unlocking

Our Apps

Get our official app!

The best way to access XDA on your phone

Add swipe gestures to any Android

One Handed Mode

Eases uses one hand with your phone