Google Android Operating System < 4.4.0 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 8664

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The Google Android operating system prior to 4.4.0 is affected by the following vulnerabilities:

- There is a flaw in the built-in browser that is due to the improper handling of NULL bytes by the URL parser. This may allow a context-dependent attacker to bypass the same-origin policy. (CVE-2014-6041)
- There is a flaw related to the 'addJavascriptInterface()' method and the 'accessibility' and 'accessibilityTraversal' objects. With specially crafted JavaScript loaded within the WebView component, a remote attacker can execute arbitrary methods of Java objects i.e. achieve remote code execution. (CVE-2014-7224)
- There is an overflow condition in the DHCP client daemon 'dhcp.c' that is triggered when handling DHCP options. With a specially crafted ACK packet response, a context-dependent attacker can execute arbitrary code. (CVE-2014-7912)
- There is a flaw in the Bluetooth application stack that is triggered when handling Host Controller Interface commands prior to pairing. This may allow a remote attacker within short range of the device to force pairing and in turn execute arbitrary code. (CVE-2014-7914)

Solution

Upgrade to Google Android operating system version 4.4.0 or later if possible.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-15-092/

http://www.zerodayinitiative.com/advisories/ZDI-15-093/

http://seclists.org/oss-sec/2014/q4/51

Plugin Details

Severity: Medium

ID: 8664

Published: 2015/04/10

Modified: 2016/01/21

Dependencies: 5287

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.8

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 4.8

Temporal Score: 4.5

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:google:android

Patch Publication Date: 2014/07/09

Vulnerability Publication Date: 2014/09/02

Exploitable With

Metasploit (Android Open Source Platform (AOSP) Browser UXSS)

Reference Information

CVE: CVE-2014-6041, CVE-2014-7224, CVE-2014-7912, CVE-2014-7914

BID: 69548, 70222, 73092, 73094