VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Androidsu
>
Chainsdd Superuser
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2014-03-31
CVE-2013-6774
Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an arbitrary .jar file and gain privileges via a crafted BOOTCLASSPATH environment variable for a /system/xbin/su process.
network
low complexity
chainfire
google
androidsu
koushik-dutta
critical
10.0
10