Rapid7 Vulnerability & Exploit Database

Android Browser "Open in New Tab" Cookie Theft

Back to Search

Android Browser "Open in New Tab" Cookie Theft

Created
05/30/2018

Description

In Android's stock AOSP Browser application and WebView component, the "open in new tab" functionality allows a file URL to be opened. On versions of Android before 4.4, the path to the sqlite cookie database could be specified. By saving a cookie containing a

General:

info@rapid7.com

Sales:

+1-866-772-7437
sales@rapid7.com

Support:

+1–866–390–8113 (toll free)
support@rapid7.com

Incident Response:

1-844-727-4347

More Contact Info