cve/CVE-2023-21238.md at dd6a10065df501f0a524d47b55e162f16811ba93

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

POC

Reference

91bfcbbd87

Github

https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21238
https://github.com/nomi-sec/PoC-in-GitHub

892 B Raw Blame History

CVE-2023-21238

Description

POC

Reference

Github

892 B

Raw Blame History