Android Browser Information Disclosure

October 10, 2014

The Android Open Source Project (AOSP) browser, called "Browser", is a web browser application capable of rendering both static and dynamic web content (DOM). The app appears in Android 4.3 and earlier; in Android 4.4, Google dropped the app to encourage use of its Chrome browser.

The same origin policy is an important concept in the web application security model. The policy permits scripts running on pages originating from the same site (a combination of scheme, hostname, and port number) to access each other's DOM with no specific restrictions, but prevents access to the DOM of pages on different sites.
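The tuple comparison described above, as an added example (not code from Android Browser or from this advisory). The function names and URLs are constructed for illustration; the code uses the WHATWG `URL` parser available in browsers and Node.js and, as a conservative assumption, treats URLs that have no (scheme, hostname, port) origin as matching nothing.

```javascript
// Default port per scheme, used when a URL does not spell the port out.
const DEFAULT_PORTS = new Map([
  ["http:", "80"],
  ["https:", "443"],
]);

// Return the (scheme, hostname, port) tuple for a URL string, or null when
// the URL has no such tuple (data: URLs, unknown schemes, malformed input).
function originTuple(urlString) {
  let u;
  try {
    u = new URL(urlString);
  } catch (e) {
    return null; // unparseable input never matches anything
  }
  if (!DEFAULT_PORTS.has(u.protocol)) return null;
  return {
    scheme: u.protocol, // the parser lowercases the scheme
    host: u.hostname,   // ... and the hostname
    // The parser reports "" for the scheme's default port, so fill it in.
    port: u.port || DEFAULT_PORTS.get(u.protocol),
  };
}

// Two URLs are same-origin only if all three tuple members are equal.
function sameOrigin(a, b) {
  const x = originTuple(a);
  const y = originTuple(b);
  if (x === null || y === null) return false;
  return x.scheme === y.scheme && x.host === y.host && x.port === y.port;
}

// Constructed sample pairs: [first URL, second URL].
const CASES = [
  ["http://example.com/a", "http://example.com:80/b"], // implicit vs explicit default port
  ["HTTP://EXAMPLE.com/", "http://example.com/"],      // case differences only
  ["http://example.com/", "https://example.com/"],     // scheme differs
  ["http://example.com/", "http://www.example.com/"],  // hostname differs
  ["http://example.com/", "http://example.com:8080/"], // port differs
  ["data:text/html,hi", "data:text/html,hi"],          // no tuple origin
];

for (const [a, b] of CASES) {
  console.log(`${sameOrigin(a, b) ? "same     " : "different"}  ${a}  vs  ${b}`);
}
```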

An information disclosure vulnerability exists in Android Browser. The vulnerability is due to a validation failure when processing JavaScript functions within web pages. A remote attacker can exploit this vulnerability by enticing a user to view a specially crafted web page using a vulnerable version of Android Browser. Successful exploitation can result in a violation of the same origin policy, which would disclose information about other web pages opened by the user or stored in the browser cache.

The vulnerability has been assigned CVE-2014-6041.

Dell SonicWALL has released IPS signatures to detect and block specific exploitation attempts targeting this vulnerability. The signatures are listed below:

  • 5570 Android Browser Same Origin Policy Bypass 1
  • 5682 Android Browser Same Origin Policy Bypass 2