Android Stock Browser Address Bar Spoofing
Steps To Reproduce
Proof of Concept
Credits
The proof of concept was initially created by me, however it was later modified and improvised by "Joe Vennix". I would like to sincerely thank "Tod Beardsley" from Rapid7 team for handling the disclosure for me. Kudos!
Mitigation
The Android security team has responded by releasing patches committed to both Kitkat and Lollipop main distributions. Users are advised to contact their carriers to determine if they have received updated versions of these operating systems.
Disclosure Timeline
Feb 09, 2015: Reported to email@example.com by Rafay Baloch
Mar 26, 2015: Disclosed to Rapid7 and Joe Vennix
Apr 01, 2015: Proof of Concept improved by Joe Vennix
Apr 03, 2015: Reported to firstname.lastname@example.org and CERT/CC by Rapid7
Apr 07, 2015: Vendor responds, patch available on Lollipop
Apr 30, 2015: Vendor responds, patch available on KitKat
May 18, 2015: Public disclosure