exploitDog

GHSA-9fw8-mqf2-cw8g

Опубликовано: 07 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The com.callos14.callscreen.colorphone (aka iCall OS17 - Color Phone Flash) application through 4.3 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.callos14.callscreen.colorphone.DialerActivity component.

The com.callos14.callscreen.colorphone (aka iCall OS17 - Color Phone Flash) application through 4.3 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.callos14.callscreen.colorphone.DialerActivity component.

Ссылки

EPSS

Процентиль: 33%

0.00128

Низкий

6.5 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2024-53935

CVSS3: 6.5

nvd

около 1 года назад

The com.callos14.callscreen.colorphone (aka iCall OS17 - Color Phone Flash) application through 4.3 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.callos14.callscreen.colorphone.DialerActivity component.

EPSS

Процентиль: 33%

0.00128

Низкий

6.5 Medium

CVSS3

CVE ID