Major pre 4.4 ASOP browser bug.

Tonik

Active Member
Joined
Sep 11, 2011
Messages
670
Reaction score
58
The folks at Rapid 7 (whom I know well) have written up and tested a recently released bug in the stock browser. This seems to impact pre 4.4 Android phones. In simple turns, the bad guy gets you to go to his website he can see all the other tabs on your browser, and all your session cookies to those websites. So he can snag your authentication to another website.

https://community.rapid7.com/commun...droid-bug-is-a-privacy-disaster-cve-2014-6041
 
Back
Top