Unpatched vulnerability in the AOSP browser

A Metasploit module has been developed to easily exploit a dangerous flaw in 75 percent of Android devices that allows attackers to hijack a user's open websites. The exploit targets a vulnerability (CVE-2014-6041) in Android versions 4.2.1 and below. The flaw was disclosed without fanfare on 1 September but had since gathered dust, according to researchers.

Researcher Rafay Baloch discovered the same-origin policy (SOP) bypass on his Qmobile Noir A20 running Android Browser 4.2.1, and later verified it on devices from Sony, Xperia, Tipo, Samsung Galaxy, HTC Wildfire, Motorola and more. He described the SOP bypass in an earlier post.

“A SOP bypass occurs when a siteA.com is somehow able to access the properties of siteB.com such as cookies, location, response etc. Due to the nature of the issue and potential impact, browsers have very strict model pertaining to it and a SOP bypass is rarely found in modern browsers, however, they are found once in a while.”

The Register: http://www.theregister.co.uk/2014/09/16/three_quarters_of_droid_phones_open_to_web_page_spy_bug/

Heise: http://www.heise.de/open/meldung/Ungestopftes-Datenleck-in-Androids-Open-Source-Browser-2391930.html