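In this article:

  • Android local privilege escalation caused by an Android deserialization vulnerability
  • ROP on Android: bypassing DEP
  • Bypassing ASLR on Android
  • Android Binder
  • Java serialization and deserialization
  • Heap Spray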

CVE-2014-7911

Excerpt from NVD

luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows attackers to execute arbitrary code via a crafted finalize method for a serialized object in an ArrayMap Parcel within an intent sent to system_service, as demonstrated by the finalize method of android.os.BinderProxy, aka Bug 15874291.

Source: MITRE
Description Last Modified: 12/15/2014

POC: https://github.com/CytQ/CVE-2014-7911_poc


CytQ

Security Engineer
Android, mobile security, reverse engineering, vulnerability research, penetration testing


Bachelor's ('17); has held positions at Baidu and Didi


Beijing