ГлавнаяУязвимости → CVE-2018-9468
7.1высокая

CVE-2018-9468

Описание

In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.

Затрагиваемое ПО
Google Android
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Источники
https://source.android.com/security/bulletin/2018-09-01