PT-2014-4342 · Google+1 · Forzearmate+1
Published
2014-03-03
·
Updated
2014-03-07
·
CVE-2014-1885
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
ForzeArmate application for Android versions with Adobe PhoneGap 2.9.0 or earlier
Description
The issue allows remote attackers to execute arbitrary JavaScript code and obtain write access to external-storage resources by leveraging control over any Google syndication advertising domain.
Recommendations
For versions with Adobe PhoneGap 2.9.0 or earlier, update Adobe PhoneGap to a version later than 2.9.0 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phonegap
Forzearmate