Описание
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Issue Tracking
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Issue Tracking
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.0 (включая)
cpe:2.3:a:fedirtsapana:tv_bro:*:*:*:*:*:android:*:*
EPSS
Процентиль: 68%
0.00574
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
около 2 лет назад
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
EPSS
Процентиль: 68%
0.00574
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94