Search criteria
2 vulnerabilities found for tv_bro by fedirtsapana
CVE-2023-43955 (GCVE-0-2023-43955)
Vulnerability from nvd – Published: 2023-12-27 00:00 – Updated: 2024-08-02 19:52
VLAI?
Summary
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-27T20:19:41.756Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43955",
"datePublished": "2023-12-27T00:00:00.000Z",
"dateReserved": "2023-09-25T00:00:00.000Z",
"dateUpdated": "2024-08-02T19:52:11.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43955 (GCVE-0-2023-43955)
Vulnerability from cvelistv5 – Published: 2023-12-27 00:00 – Updated: 2024-08-02 19:52
VLAI?
Summary
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-27T20:19:41.756Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43955",
"datePublished": "2023-12-27T00:00:00.000Z",
"dateReserved": "2023-09-25T00:00:00.000Z",
"dateUpdated": "2024-08-02T19:52:11.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}