CVE-2013-4777

EUVD-2013-4623
A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
googleandroid
2.3.7
motoroladefy_xt
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J
https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J