
Android : Insufficient database access control (SQLite)

Classification

OWASP Mobile Top 10 2014
PCI DSS 4.0
CWE/SANS Top 25 2011
CWE/SANS Top 25 2021

Overview

In the absence of proper access control, executing an SQLite database query whose primary key is controlled by the user may give an attacker unauthorized access to database entries.

There is an important difference between this flaw in classical SQL databases and in SQLite. In contrast to classical attacks of this type, SQLite database query injection gives an attacker unauthorized read access, but does not allow the attacker to change the state of the database.

Insecure Direct Object Reference attacks rank seventh in the “OWASP Mobile Top 10 2014” ranking of mobile application vulnerabilities.

Applications frequently use the actual name or key of an object when generating pages. Applications don’t always verify that the user is authorized for the target object. This results in an insecure direct object reference flaw. Testers can easily manipulate parameter values to detect such flaws, and code analysis quickly shows whether authorization is properly verified. Such flaws can compromise all the data that can be referenced by the parameter: unless object references are unpredictable, it’s easy for an attacker to access all available data of that type.
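The pattern described above, as an added example in Android Java (not code from the original page or from DerScanner): both methods bind the key as a parameter, so neither is an injection bug, but only the second one enforces access control. The table name `notes` and its columns `id`, `owner_id` and `body` are assumptions.

```java
// Added example (not DerScanner's code). Assumed schema:
// notes(id INTEGER PRIMARY KEY, owner_id INTEGER, body TEXT)
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;

public final class NoteStore {
    private final SQLiteDatabase db;

    public NoteStore(SQLiteDatabase db) {
        this.db = db;
    }

    // VULNERABLE: the primary key comes straight from the caller (an Intent
    // extra, a content URI segment, a deep-link parameter). The parameter is
    // bound safely, but nothing checks who may read this row, so any user who
    // supplies another id gets another user's note (insecure direct object
    // reference).
    public String getNoteInsecure(long noteId) {
        try (Cursor c = db.query("notes", new String[] {"body"},
                "id = ?", new String[] {Long.toString(noteId)},
                null, null, null)) {
            return c.moveToFirst() ? c.getString(0) : null;
        }
    }

    // HARDENED: the query is additionally scoped to the owner established by
    // the app's own session logic, so an id that belongs to someone else simply
    // returns no row. The owner id must come from the authenticated session,
    // never from the same untrusted input as the object id.
    public String getNoteForOwner(long noteId, long authenticatedOwnerId) {
        try (Cursor c = db.query("notes", new String[] {"body"},
                "id = ? AND owner_id = ?",
                new String[] {Long.toString(noteId),
                              Long.toString(authenticatedOwnerId)},
                null, null, null)) {
            return c.moveToFirst() ? c.getString(0) : null;
        }
    }
}
```

For detection in code review, look for queries whose only selection predicate is the primary key taken from an Intent, URI or UI input with no owner or permission predicate alongside it.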

DerScanner Severity Score: LOW

