Next Browser version 1.16 for Android suffers from a browser history information leakage vulnerability.
d7650167265578b146d40c5bf9d94c0b6dd6674d7f1566ebf5b31bc16ace2dd5
*# Disclosure Date:* 30/01/2014
*# Author: *Keith Makan
*# Vendor or Software Link:*
https://play.google.com/store/apps/details?id=com.jiubang.browser&hl=en
*# Version:* 1.16
*# Tested on:* Android 3.2.1 (HTC Flyer)
*# Tools :* Drozer, Bash
*Description*
Next Browser for Android (version 1.16) suffers from critical information
disclosure vulnerabilities in which applications with no granted
permissions are capable of gaining access to detailed information about a
victim's browsing history. Another vulnerability stemming from the same
issue also allows unauthorized corruption/modification of the browsing
history data.
*Impact*
Unauthorized applications are capable of abusing this vulnerability to leak
data about a victims browsing history. Further more, seeing that this
vulnerability occurs in a browser, attackers could exploit this
vulnerability to force victims to visit malicious sites---should they be
visited from their history.
Currently an estimated 5,000,000 - 10,000,000 installs are affected.
*Timeline*
1. Original Disclosure 30/01/2014
2. -- No Response noted 08/02/2014
3. Public Advisory 09/02/2014
*PoC:*
Browser History Leak : http://i.imgur.com/vJGSh22.png
Browser History Overwrite : http://i.imgur.com/17cvsb2.png
--
<Keith k3170makan <http://about.me/k3170makan> Makan/>