PT-2013-4535 · Google · Android
Gaku Mochizuki
·
Published
2013-06-17
·
Updated
2013-06-17
·
CVE-2013-3642
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Angel Browser application versions 1.47b and earlier for Android 1.6 through 2.1
Angel Browser application versions 1.62b and earlier for Android 2.2 through 2.3.4
Angel Browser application versions 1.68b and earlier for Android 3.0 through 4.0.3
Angel Browser application versions 1.76b and earlier for Android 4.1 through 4.2
Description
The issue arises from the improper implementation of the WebView class in the Angel Browser application, allowing attackers to obtain sensitive information via a crafted application.
Recommendations
For Angel Browser application versions 1.47b and earlier for Android 1.6 through 2.1, update to a version later than 1.47b.
For Angel Browser application versions 1.62b and earlier for Android 2.2 through 2.3.4, update to a version later than 1.62b.
For Angel Browser application versions 1.68b and earlier for Android 3.0 through 4.0.3, update to a version later than 1.68b.
For Angel Browser application versions 1.76b and earlier for Android 4.1 through 4.2, update to a version later than 1.76b.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android