Android: Beware Old Android Browser (CVE-2014-6041)

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Non-Windows Software

(1/1)

ewemoa:
This looks pretty serious for folks that still use the old Android Browser (or apps that might use some of the contained code):

...a flaw that enables malicious sites to inject JavaScript into other sites. Those malicious JavaScripts can in turn read cookies and password fields, submit forms, grab keyboard input, or do practically anything else.

--- End quote ---

via:

http://arstechnica.com/security/2014/09/android-browser-flaw-a-privacy-disaster-for-half-of-android-users/

More at:

https://community.rapid7.com/community/metasploit/blog/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041

Navigation

[0] Message Index

Go to full version