CVE-2013-4777

Published: Sep 25, 2013Modified: Apr 29, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.

Affected (2)

Products: Google: Android · Motorola: Defy Xt

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Google Android	Version 2.3.7
Motorola Defy Xt	All versions

Related CWEs

References (2)

https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J

Source: cve@mitre.org

ExploitThird Party Advisory

https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.