exploitDog

GHSA-q8p5-49qg-m9wx

Опубликовано: 03 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component.

The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component.

Ссылки

EPSS

Процентиль: 27%

0.00094

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-926

Связанные уязвимости

CVE-2024-36437

CVSS3: 6.5

nvd

около 1 года назад

The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component.

EPSS

Процентиль: 27%

0.00094

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-926