Software Integrity Blog

Author Archive

Neil Bergman

nbergman


Posts by Neil Bergman:

 

Cordova InAppBrowser remote privilege escalation

Earlier this year, I identified an interesting vulnerability (CVE-2014-0073) in one of Apache Cordova’s core plug-ins (InAppBrowser). Cordova, also sometimes referred to as PhoneGap, is a popular cross-platform mobile framework that allows developers to write mobile applications in JavaScript and HTML. The JavaScript and HTML code executes within the Cordova WebView and has access to native functionality via a set of plug-ins that is exposed by a JavaScript bridge. How this bridge is implemented varies across the supported platforms such as Android, iOS, Windows Phone, and BlackBerry.

Continue Reading...

Posted in Mobile Application Security | Comments Off on Cordova InAppBrowser remote privilege escalation

 

Understanding fragment injection

A colleague asked me about an Android vulnerability called fragment injection because of an article he read [1] and I think its worth diving into the details of the vulnerability. Fragment injection is a classic example of using reflection in an unsafe way (CWE-470) [2]. As in untrusted data from an Intent is used to determine which class is instantiated within the target Android application.

Continue Reading...

Posted in Mobile Application Security, Web Application Security | Comments Off on Understanding fragment injection