mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
32 lines
1.0 KiB
JSON
32 lines
1.0 KiB
JSON
{
|
|
"id": "CVE-2023-43955",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-12-27T21:15:08.050",
|
|
"lastModified": "2023-12-27T21:37:15.710",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/actuator/com.phlox.tvwebbrowser",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |