...
An application could intercept the implicit intent and pass it on to an inappropriate location which would be , while both the intent originator and the intent recipient would remain unaware that the intent had been intercepted.
...
| Code Block | ||
|---|---|---|
| ||
TBD |
Risk Assessment
Passing Failing to pass an implicit explicit intent to a pending intent could allow the intent to be misdirected, thereby leaking sensitive information and/or altering the data flow within an app.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DRD05DRD21-J | Medium | Probable | Medium | P8 | L2 |
Automated Detection
Automatic detection of the passing of an implicit intent to a pending intent is straightforwardA straightforward static analysis can perform reasonably well at detecting violations of this rule.