| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAD96GYhrC6jRcfCo1cdLHuYFbSmtsa0hSMc3Fq8va4TcX68DKA@mail.gmail.com> Date: Wed, 23 Jan 2019 00:47:54 +0100 From: Valerio Brussani <valeriobrussani@...il.com> To: bugtraq@...urityfocus.com Subject: CVE-2018-13042 - 1Password Android < 7.0 - Denial Of Service ############ Description ############ The 1Password application < 7.0 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application (since they are exported), it is possible to crash the 1Password instance. ############ Poc ############ To invoke the exported activity and crash the app, it is possible to use Drozer: run app.activity.start --component com.agilebits.onepassword com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity ############ Affected Components ############ com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity ############ Disclosure timeline ############ 2018-07-27 Contacting 1Password 2018-07-30 1Password acknowledges the vulnerability 2018-08-22 The vulnerability is fixed and made public Valerio Brussani (@val_brux)
Powered by blists - more mailing lists