...
An application could intercept the implicit intent and pass it on to an inappropriate location, while the intent originator would remain both the intent originator and the intent recipient would remain unaware that the intent had been intercepted.
...
| Code Block | ||
|---|---|---|
| ||
TBD |
Risk Assessment
Passing Failing to pass an implicit explicit intent to a pending intent could allow the intent to be misdirected, thereby leaking sensitive information and/or altering the data flow within an app.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DRD05DRD21-J | Medium | Probable | Medium | P8 | L2 |
Automated Detection
Automatic detection of the passing of an implicit intent to a pending intent is straightforwardA straightforward static analysis can perform reasonably well at detecting violations of this rule.