Arbitrary File Execution Vulnerability in Samsung Galaxy S5s' createFromParcel Method

Arbitrary File Execution Vulnerability in Samsung Galaxy S5s' createFromParcel Method

CVE-2015-4034 · HIGH Severity

AV:A/AC:M/AU:N/C:C/I:C/A:C

The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object.

Learn more about our Cis Benchmark Audit For Google Android.