Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Android Browser in Android < 4.4 Same Origin Policy Bypass

Medium

Synopsis

The mobile Android host is running a vulnerable browser.

Description

The native browser in versions of Android earlier than 4.4 is exposed to a same-origin policy bypass vulnerability, which allows one origin to access resources and properties of a site on another origin via web script. This exposes the victim to potential unauthorized access and information disclosure.

Solution

Upgrade to Android 4.4 if possible, or utilize a different browser.