CVE-2010-4804

Android <2.3.4 - Info Disclosure

Title source: llm

Description

The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.

Exploits (3)

exploitdb WORKING POC

by Thomas Cannon · phpwebappsandroid

https://www.exploit-db.com/exploits/18164

View Code ZIP pw:eip

nomisec WORKING POC 8 stars

by thomascannon · poc

https://github.com/thomascannon/android-cve-2010-4804

View Code ZIP pw:eip

metasploit WORKING POC

by Thomas Cannon, jduck · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_htmlfileprovider.rb

View Code ZIP pw:eip

References (6)

[Patch] http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=f440831d76817e837164ca18c7705e81d2391f87

[Patch] http://android.git.kernel.org/?p=platform/packages/apps/Browser.git%3Ba=commit%3Bh=604a598e1e01bda781600a45e0a971898a582666

[Various Sources] http://thomascannon.net/blog/2010/11/android-data-stealing-vulnerability/

[Various Sources] http://www.csc.ncsu.edu/faculty/jiang/nexuss.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/48256

[Various Sources] http://www.slashgear.com/android-data-theft-exploit-to-be-plugged-in-gingerbread-video-24116054/

Scores

EPSS 0.6217

EPSS Percentile 98.4%

Details

CWE

CWE-200

Status published

Products (8)

google/android 1.5

google/android 1.6

google/android 2.1

google/android 2.2 (2 CPE variants)

google/android 2.2.1

google/android 2.2.2

google/android 2.3 rev1

google/android < 2.3.3

Published Jun 09, 2011

Tracked Since Feb 18, 2026