CVE-2014-1887

Name of the Vulnerable Software and Affected Versions DrinkedIn BarFinder application for Android versions with Adobe PhoneGap 2.9.0 or earlier

Description The issue allows remote attackers to execute arbitrary JavaScript code and obtain sensitive fine-geolocation information by leveraging control over certain adult sites. This can be achieved by exploiting the vulnerability in the DrinkedIn BarFinder application when it uses Adobe PhoneGap 2.9.0 or earlier.

Recommendations For DrinkedIn BarFinder application for Android versions with Adobe PhoneGap 2.9.0 or earlier, consider updating Adobe PhoneGap to a version later than 2.9.0 to mitigate the risk of arbitrary JavaScript code execution. As a temporary workaround, restrict access to the application's geolocation features until a patch is available.