The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object.
El método createFromParcel en la clase com.absolute.android.persistence.MethodSpec en Samsung Galaxy S5s permite a atacantes remotos ejecutar ficheros arbitrarios a través de un objeto Parcelable manipulado en un objeto MethodSpec serializado.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable Samsung Galaxy S5s. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the com.absolute.android.persistence.MethodSpec Class. The createFromParcel() method performs dynamic class loading but does not restrict the source of the classes to be loaded. An attacker can craft a Parcelable object specifying arbitrary class files that will be loaded when the MethodSpec object is deserialized, resulting in remote code execution as the system user.
