Detecting Passive Content Leaks and Pollution in Android Applications
Author(s): Yajin Zhou, Xuxian Jiang
Download: Paper (PDF)
Date: 23 Apr 2013
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2013
We systematically study two vulnerabilities in open content provider components of Android applications. The first vulnerability can be exploited to disclose various types of private in-app data while the second one can be leveraged to manipulate them and potentially cause serious side-effects. Our evaluation with 62,519 Android applications shows that 2.3% of them are susceptible to these two vulnerabilities.