| |
Vulnerability CVE-2013-3642
Published: 2013-06-16 Modified: 2013-06-17
| Description: |
The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for Android 2.2 through 2.3.4, 1.68b and earlier for Android 3.0 through 4.0.3, and 1.76b and earlier for Android 4.1 through 4.2 does not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application. |
Type:
CWE-200 (Information Exposure)
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000055
http://jvn.jp/en/jp/JVN79301570/index.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
