CVE-2015-4034

Name of the Vulnerable Software and Affected Versions Samsung Galaxy S5 (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object, specifically affecting the createFromParcel method in the com.absolute.android.persistence.MethodSpec class. This is a remote code execution vulnerability that involves deserialization of untrusted data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.