Arbitrary File Execution Vulnerability in Samsung Galaxy S5s' createFromParcel Method
CVE-2015-4034 · HIGH Severity
AV:A/AC:M/AU:N/C:C/I:C/A:C
The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object.
Learn more about our Cis Benchmark Audit For Google Android.