CVE-2014-4968

Опубликовано: 12 фев. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web site, a related issue to CVE-2012-6636.

Ссылки

http://www.exploit-db.com/exploits/34088/
Exploit
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/34088/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:boatmob:boat_browser:8.0:*:*:*:*:android:*:*

cpe:2.3:a:boatmob:boat_browser:8.0.1:*:*:*:*:android:*:*

EPSS

Процентиль: 89%

0.04317

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-vw4x-mjrq-7hfm