rspec/rules/S5320/description.adoc

In Android applications, broadcasting intents is security-sensitive. For example, it has led in the past to the following vulnerability:

* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9489[CVE-2018-9489]

By default, broadcasted intents are visible to every application, exposing all sensitive information they contain.


This rule raises an issue when an intent is broadcasted without specifying any "receiver permission".
Add rules 5000-5999 2020-06-30 12:50:28 +02:00			`In Android applications, broadcasting intents is security-sensitive. For example, it has led in the past to the following vulnerability:`
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space 2020-06-30 14:49:38 +02:00
Add rules 5000-5999 2020-06-30 12:50:28 +02:00			`* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9489[CVE-2018-9489]`

			`By default, broadcasted intents are visible to every application, exposing all sensitive information they contain.`

Force linebreaks 2021-02-02 15:02:10 +01:00
Add rules 5000-5999 2020-06-30 12:50:28 +02:00			`This rule raises an issue when an intent is broadcasted without specifying any "receiver permission".`