Artem Chaykin - Security Researcher - Exploit Intelligence Platform

CVE-2012-4905 EXPLOITDB text WORKING POC

Google Chrome <18.0.1025308 - XSS

Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)."

View Code

CVE-2012-4909 EXPLOITDB text WORKING POC

Google Chrome <18.0.1025308 - Info Disclosure

Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application.

View Code

CVE-2012-4906 EXPLOITDB text WORKING POC

Google Chrome <18.0.1025308 - Info Disclosure

Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903.

View Code

CVE-2012-4908 EXPLOITDB text WORKING POC

Google Chrome <18.0.1025308 - CSRF

Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.

View Code