In queryChildDocuments of FileSystemProvider.java, there is a possible way to request access to directories that should be hidden due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2024-02-16T00:08:16.134Z
Updated: 2024-08-29T13:50:11.709Z
Reserved: 2023-11-16T22:59:12.656Z
Link: CVE-2024-0032
Vulnrichment
Updated: 2024-08-01T17:41:15.850Z
NVD
Status : Awaiting Analysis
Published: 2024-02-16T02:15:50.823
Modified: 2024-08-29T20:35:54.413
Link: CVE-2024-0032
Redhat
No data.