ASB-A-141745510
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-141745510.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-141745510
- Aliases
-
- A-141745510
- CVE-2020-0099
- Published
- 2020-12-01T00:00:00Z
- Modified
- 2025-11-03T16:35:39.530274Z
- Summary
- [none]
- Details
-
In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2020-12-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_version": "v1",
"digest": {
"length": 428.0,
"function_hash": "16470296595748302751429615350403835435"
},
"signature_type": "Function",
"id": "ASB-A-141745510-91df2d31",
"target": {
"file": "core/java/android/app/Presentation.java",
"function": "Presentation"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"284739123596893706868441310605521816554",
"310910491252385827482529463668437167198",
"164078704569361445881907929766921961692",
"212498877347547688308971838242367858741",
"151668555048620502282814188416117780957",
"293800099826551194011851465065689510334",
"88104751500865165448568543323299979499",
"282737449069670697323443487352111097156",
"148747968208670788585632901034177801255",
"98801012437365175927273974576064122844",
"180933921665634626912029726772295855683",
"180039528865902641544979902937390293156",
"150894201314947685218659398085326463185",
"247168711585419387284883360734956304431",
"259954851331771414546839594935212947561",
"181189371768132502709086886598266580827",
"32830964378343325304109610718441944125",
"109397249449679003589181006586383226057",
"238165953028879001977921284023031322337",
"239808822552779414125607017816175416786",
"111510957775210277667436632969356236231",
"212708508222384534560503446598766847155",
"115419455924734461829589099314736281194",
"12729223600110911345623445160613884852",
"107989678609931950492204246501756882708",
"260928118046867730168350260999058048151",
"29178769816291715695478212850673987886",
"184954786133671830976896438004284615595",
"146835545390191456411925823945455502470",
"33158603333309345937165840096746272737",
"144440662019802877075626263617492032298",
"260116777355025482366584024617753373685"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-94e2802a",
"target": {
"file": "core/java/android/app/Presentation.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234069422119696202154083242380740807887",
"191948924181362536245303968468935497427",
"75479889889848254181899260583783995296",
"214187471240762794777306020249339973221",
"119220530006493209690353392747817253960",
"267291635559972868242144434577681713842",
"237064503174190504491352634040300410073"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-aaa34f23",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"length": 11726.0,
"function_hash": "289033905442372113596197774409108073352"
},
"signature_type": "Function",
"id": "ASB-A-141745510-c06fd262",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java",
"function": "addWindow"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2020-12-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_version": "v1",
"digest": {
"length": 428.0,
"function_hash": "16470296595748302751429615350403835435"
},
"signature_type": "Function",
"id": "ASB-A-141745510-08359386",
"target": {
"file": "core/java/android/app/Presentation.java",
"function": "Presentation"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234069422119696202154083242380740807887",
"191948924181362536245303968468935497427",
"75479889889848254181899260583783995296",
"214187471240762794777306020249339973221",
"119220530006493209690353392747817253960",
"267291635559972868242144434577681713842",
"237064503174190504491352634040300410073"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-1205cc3f",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"284739123596893706868441310605521816554",
"310910491252385827482529463668437167198",
"164078704569361445881907929766921961692",
"212498877347547688308971838242367858741",
"151668555048620502282814188416117780957",
"293800099826551194011851465065689510334",
"88104751500865165448568543323299979499",
"282737449069670697323443487352111097156",
"148747968208670788585632901034177801255",
"98801012437365175927273974576064122844",
"180933921665634626912029726772295855683",
"180039528865902641544979902937390293156",
"150894201314947685218659398085326463185",
"247168711585419387284883360734956304431",
"259954851331771414546839594935212947561",
"181189371768132502709086886598266580827",
"32830964378343325304109610718441944125",
"109397249449679003589181006586383226057",
"238165953028879001977921284023031322337",
"239808822552779414125607017816175416786",
"111510957775210277667436632969356236231",
"212708508222384534560503446598766847155",
"115419455924734461829589099314736281194",
"12729223600110911345623445160613884852",
"107989678609931950492204246501756882708",
"260928118046867730168350260999058048151",
"29178769816291715695478212850673987886",
"184954786133671830976896438004284615595",
"146835545390191456411925823945455502470",
"33158603333309345937165840096746272737",
"144440662019802877075626263617492032298",
"260116777355025482366584024617753373685"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-7c2394ec",
"target": {
"file": "core/java/android/app/Presentation.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"length": 11726.0,
"function_hash": "289033905442372113596197774409108073352"
},
"signature_type": "Function",
"id": "ASB-A-141745510-baccc2fc",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java",
"function": "addWindow"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2020-12-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_version": "v1",
"digest": {
"length": 11726.0,
"function_hash": "289033905442372113596197774409108073352"
},
"signature_type": "Function",
"id": "ASB-A-141745510-6cc51360",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java",
"function": "addWindow"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"length": 428.0,
"function_hash": "16470296595748302751429615350403835435"
},
"signature_type": "Function",
"id": "ASB-A-141745510-865c719f",
"target": {
"file": "core/java/android/app/Presentation.java",
"function": "Presentation"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"284739123596893706868441310605521816554",
"310910491252385827482529463668437167198",
"164078704569361445881907929766921961692",
"212498877347547688308971838242367858741",
"151668555048620502282814188416117780957",
"293800099826551194011851465065689510334",
"88104751500865165448568543323299979499",
"282737449069670697323443487352111097156",
"148747968208670788585632901034177801255",
"98801012437365175927273974576064122844",
"180933921665634626912029726772295855683",
"180039528865902641544979902937390293156",
"150894201314947685218659398085326463185",
"247168711585419387284883360734956304431",
"259954851331771414546839594935212947561",
"181189371768132502709086886598266580827",
"32830964378343325304109610718441944125",
"109397249449679003589181006586383226057",
"238165953028879001977921284023031322337",
"239808822552779414125607017816175416786",
"111510957775210277667436632969356236231",
"212708508222384534560503446598766847155",
"115419455924734461829589099314736281194",
"12729223600110911345623445160613884852",
"107989678609931950492204246501756882708",
"260928118046867730168350260999058048151",
"29178769816291715695478212850673987886",
"184954786133671830976896438004284615595",
"146835545390191456411925823945455502470",
"33158603333309345937165840096746272737",
"144440662019802877075626263617492032298",
"260116777355025482366584024617753373685"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-d79c89c9",
"target": {
"file": "core/java/android/app/Presentation.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234069422119696202154083242380740807887",
"191948924181362536245303968468935497427",
"75479889889848254181899260583783995296",
"214187471240762794777306020249339973221",
"119220530006493209690353392747817253960",
"267291635559972868242144434577681713842",
"237064503174190504491352634040300410073"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-e9fd4e87",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2020-12-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"234069422119696202154083242380740807887",
"191948924181362536245303968468935497427",
"75479889889848254181899260583783995296",
"214187471240762794777306020249339973221",
"119220530006493209690353392747817253960",
"267291635559972868242144434577681713842",
"237064503174190504491352634040300410073"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-5023bdb2",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"length": 11726.0,
"function_hash": "289033905442372113596197774409108073352"
},
"signature_type": "Function",
"id": "ASB-A-141745510-5c609d4e",
"target": {
"file": "services/core/java/com/android/server/wm/WindowManagerService.java",
"function": "addWindow"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"length": 428.0,
"function_hash": "16470296595748302751429615350403835435"
},
"signature_type": "Function",
"id": "ASB-A-141745510-694e8bff",
"target": {
"file": "core/java/android/app/Presentation.java",
"function": "Presentation"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"284739123596893706868441310605521816554",
"310910491252385827482529463668437167198",
"164078704569361445881907929766921961692",
"212498877347547688308971838242367858741",
"151668555048620502282814188416117780957",
"293800099826551194011851465065689510334",
"88104751500865165448568543323299979499",
"282737449069670697323443487352111097156",
"148747968208670788585632901034177801255",
"98801012437365175927273974576064122844",
"180933921665634626912029726772295855683",
"180039528865902641544979902937390293156",
"150894201314947685218659398085326463185",
"247168711585419387284883360734956304431",
"259954851331771414546839594935212947561",
"181189371768132502709086886598266580827",
"32830964378343325304109610718441944125",
"109397249449679003589181006586383226057",
"238165953028879001977921284023031322337",
"239808822552779414125607017816175416786",
"111510957775210277667436632969356236231",
"212708508222384534560503446598766847155",
"115419455924734461829589099314736281194",
"12729223600110911345623445160613884852",
"107989678609931950492204246501756882708",
"260928118046867730168350260999058048151",
"29178769816291715695478212850673987886",
"184954786133671830976896438004284615595",
"146835545390191456411925823945455502470",
"33158603333309345937165840096746272737",
"144440662019802877075626263617492032298",
"260116777355025482366584024617753373685"
]
},
"signature_type": "Line",
"id": "ASB-A-141745510-cec409ec",
"target": {
"file": "core/java/android/app/Presentation.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d0746b46a5d8049a7105a16eb25c44810376527e",
"deprecated": false
}
],
"severity": "High"
}