Menu

Android Serialization Vulnerabilities Revisited

  • Friday, March 4, 2016 | 11:20 AM – 12:10 PM | West | Room: 3018

View all Sessions

This session is about Android Serialization vulnerabilities. We revisit two vulns found in Android (CVE-2014-7911, CVE-2015-3837) which allowed for privilege escalation. We also present vulns found in third-party SDKs (CVE-2015-2000/1/2/3/4/20) which allowed for arbitrary code execution in apps which used them. But what has been done to prevent similar vulns? The session will answer this question.

Participants

This document was retrieved from http://www.rsaconference.com/events/us16/agenda/sessions/2455/android-serialization-vulnerabilities-revisited on Mon, 16 Oct 2017 21:53:33 -0400.
© 2017 EMC Corporation. All rights reserved.