Lucene search
HistoryMar 03, 2014 - 4:50 a.m.
CVE-2014-1885
forzearmate
android
remote code execution
write access
adobe phonegap
cve-2014-1885
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.3%
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising domain.
Affected configurations
Node
hsgroupforzearmateMatch-android
adobephonegapMatch2.0.0
ORadobephonegapMatch2.0.0rc1
ORadobephonegapMatch2.1.0
ORadobephonegapMatch2.2.0
ORadobephonegapMatch2.2.0rc1
ORadobephonegapMatch2.2.0rc2
ORadobephonegapMatch2.3.0
ORadobephonegapMatch2.3.0rc1
ORadobephonegapMatch2.3.0rc2
ORadobephonegapMatch2.4.0
ORadobephonegapMatch2.4.0rc1
ORadobephonegapMatch2.5.0
ORadobephonegapMatch2.5.0rc1
ORadobephonegapMatch2.6.0
ORadobephonegapMatch2.6.0rc1
ORadobephonegapMatch2.7.0
ORadobephonegapMatch2.7.0rc1
ORadobephonegapMatch2.8.0
ORadobephonegapMatch2.8.1
ORadobephonegapMatch2.9.0
ORadobephonegapMatch2.9.0rc1
| CPE | Name | Operator | Version |
|---|---|---|---|
| hsgroup:forzearmate | hsgroup forzearmate | eq | - |
Related
ubuntucve
ubuntucve
CVE-2014-1885
2014-03-03 00:00:00
nvd
nvd
CVE-2014-1885
2014-03-03 04:50:46
cvelist
cvelist
CVE-2014-1885
2014-03-03 02:00:00
seebug
seebug
The ForzeArmate application安全绕过任意Javascript代码执行漏洞
2014-03-07 00:00:00
prion
prion
Code injection
2014-03-03 04:50:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.3%
Related for CVE-2014-1885