Android Serialization Vulnerabilities: Is Your Device or App Still Vuln?

  • Thursday, 21 July, 2016 | 10.00 – 10.45 hrs | Peony Room 4404

View all Sessions

This session on Android serialization vulnerabilities will revisit two vulns found in Android (CVE-2014-7911, CVE-2015-3837), which allowed for privilege escalation, and will present vulns found in third-party SDKs (CVE-2015-2000/1/2/3/4/20), which allowed for arbitrary code execution in apps which used them. But what has been done to prevent similar vulns? The session will answer this question.


This document was retrieved from on Mon, 24 Oct 2016 23:10:41 -0400.
© 2016 EMC Corporation. All rights reserved.