PT-2013-4535 · Google · Android
Gaku Mochizuki
·
Publicado
2013-06-17
·
Atualizado
2013-06-17
·
CVE-2013-3642
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Angel Browser application versions 1.47b and earlier for Android 1.6 through 2.1
Angel Browser application versions 1.62b and earlier for Android 2.2 through 2.3.4
Angel Browser application versions 1.68b and earlier for Android 3.0 through 4.0.3
Angel Browser application versions 1.76b and earlier for Android 4.1 through 4.2
Description
The issue arises from the improper implementation of the WebView class in the Angel Browser application, allowing attackers to obtain sensitive information via a crafted application.
Recommendations
For Angel Browser application versions 1.47b and earlier for Android 1.6 through 2.1, update to a version later than 1.47b.
For Angel Browser application versions 1.62b and earlier for Android 2.2 through 2.3.4, update to a version later than 1.62b.
For Angel Browser application versions 1.68b and earlier for Android 3.0 through 4.0.3, update to a version later than 1.68b.
For Angel Browser application versions 1.76b and earlier for Android 4.1 through 4.2, update to a version later than 1.76b.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android