Search
Find a vulnerability
Search criteria
2 vulnerabilities found for tv_bro by fedirtsapana
CVE-2023-43955 (GCVE-0-2023-43955)
Vulnerability from nvd – Published: 2023-12-27 00:00 – Updated: 2024-08-02 19:52
VLAI
EPSS
VEX
Summary
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-27T20:19:41.756Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43955",
"datePublished": "2023-12-27T00:00:00.000Z",
"dateReserved": "2023-09-25T00:00:00.000Z",
"dateUpdated": "2024-08-02T19:52:11.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43955 (GCVE-0-2023-43955)
Vulnerability from cvelistv5 – Published: 2023-12-27 00:00 – Updated: 2024-08-02 19:52
VLAI
EPSS
VEX
Summary
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-27T20:19:41.756Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk"
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md"
},
{
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43955",
"datePublished": "2023-12-27T00:00:00.000Z",
"dateReserved": "2023-09-25T00:00:00.000Z",
"dateUpdated": "2024-08-02T19:52:11.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}