mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
52 lines
1.9 KiB
JSON
52 lines
1.9 KiB
JSON
{
|
|
"id": "CVE-2024-53936",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2025-01-06T22:15:10.630",
|
|
"lastModified": "2025-01-08T18:15:17.067",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The com.asianmobile.callcolor (aka Color Phone Call Screen App) application through 24 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.asianmobile.callcolor.ui.component.call.CallActivity component."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La aplicaci\u00f3n com.asianmobile.callcolor (tambi\u00e9n conocida como Color Phone Call Screen App) de 24 para Android permite que cualquier aplicaci\u00f3n (sin permisos) realice llamadas telef\u00f3nicas sin interacci\u00f3n del usuario enviando una intenci\u00f3n manipulada a trav\u00e9s del componente com.asianmobile.callcolor.ui.component.call.CallActivity."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseScore": 6.3,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "LOW"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 3.4
|
|
}
|
|
]
|
|
},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/actuator/com.asianmobile.callcolor",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/actuator/com.asianmobile.callcolor/blob/main/CVE-2024-53936",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |