CVE-2011-1149

{"id": "CVE-2011-1149", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-04-21T10:55:01.577", "references": [{"url": "http://android.git.kernel.org/?p=kernel/common.git%3Ba=commit%3Bh=c98a285075f26e2b17a5baa2cb3eb6356a75597e", "source": "secalert@redhat.com"}, {"url": "http://android.git.kernel.org/?p=platform/system/core.git%3Ba=commit%3Bh=25b15be9120bcdaa0aba622c67ad2c835d9e91ca", "source": "secalert@redhat.com"}, {"url": "http://c-skills.blogspot.com/2011/01/adb-trickery-again.html", "source": "secalert@redhat.com"}, {"url": "http://forum.xda-developers.com/wiki/index.php?title=HTC_Vision#Rooting_the_G2", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://groups.google.com/group/android-security-discuss/browse_thread/thread/15f97658c88d6827/e86db04652651971?show_docid=e86db04652651971", "source": "secalert@redhat.com"}, {"url": "https://github.com/tmzt/g2root-kmod/tree/scotty2/scotty2", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://android.git.kernel.org/?p=kernel/common.git%3Ba=commit%3Bh=c98a285075f26e2b17a5baa2cb3eb6356a75597e", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://android.git.kernel.org/?p=platform/system/core.git%3Ba=commit%3Bh=25b15be9120bcdaa0aba622c67ad2c835d9e91ca", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://c-skills.blogspot.com/2011/01/adb-trickery-again.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://forum.xda-developers.com/wiki/index.php?title=HTC_Vision#Rooting_the_G2", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://groups.google.com/group/android-security-discuss/browse_thread/thread/15f97658c88d6827/e86db04652651971?show_docid=e86db04652651971", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/tmzt/g2root-kmod/tree/scotty2/scotty2", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK."}, {"lang": "es", "value": "Android anterior a v2.3 no restringe de forma adecuada el acceso al espacio de propiedad del sistema, lo que permite a las aplicaciones locales evitar los privilegios de recinto de seguridad de aplicaciones y obtener privilegios, como lo demuestra psneuter y KillingInTheNameOf, relacionado con el uso de la memoria compartida Android (ashmem) y ASHMEM_SET_PROT_MASK."}], "lastModified": "2024-11-21T01:25:40.057", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77160929-9B5D-48C9-8C7D-3B3DF618EC34", "versionEndIncluding": "2.2.2"}, {"criteria": "cpe:2.3:o:google:android:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C354829-6BEB-4C67-972A-60367073753C"}, {"criteria": "cpe:2.3:o:google:android:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "702B40EB-76BC-4686-A46E-D02DBE3A86E7"}, {"criteria": "cpe:2.3:o:google:android:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A33DBF65-09A6-4149-BABE-2FFFBF10C31D"}, {"criteria": "cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1755B91-1B6B-4A9E-BB6B-22B399A6DD02"}, {"criteria": "cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A92E88F-CCED-41D7-AFB7-CE1F9265E546"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}