Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2014-1886
HistoryMar 03, 2014 - 4:50 a.m.

CVE-2014-1886

2014-03-0304:50:46
CWE-264
mitre
web.nvd.nist.gov
18
edinburgh by bus
android
security vulnerability
remote code execution
adobe phonegap
cve-2014-1886

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.011

Percentile

84.3%

JSON

The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of “obscure Eastern European dating sites.”

Affected configurations

Nvd
Node
edinburghtouredinburgh_by_busMatch-android
AND
adobephonegapMatch2.0.0
OR
adobephonegapMatch2.0.0rc1
OR
adobephonegapMatch2.1.0
OR
adobephonegapMatch2.2.0
OR
adobephonegapMatch2.2.0rc1
OR
adobephonegapMatch2.2.0rc2
OR
adobephonegapMatch2.3.0
OR
adobephonegapMatch2.3.0rc1
OR
adobephonegapMatch2.3.0rc2
OR
adobephonegapMatch2.4.0
OR
adobephonegapMatch2.4.0rc1
OR
adobephonegapMatch2.5.0
OR
adobephonegapMatch2.5.0rc1
OR
adobephonegapMatch2.6.0
OR
adobephonegapMatch2.6.0rc1
OR
adobephonegapMatch2.7.0
OR
adobephonegapMatch2.7.0rc1
OR
adobephonegapMatch2.8.0
OR
adobephonegapMatch2.8.1
OR
adobephonegapMatch2.9.0
OR
adobephonegapMatch2.9.0rc1
VendorProductVersionCPE
edinburghtouredinburgh_by_bus-cpe:2.3:a:edinburghtour:edinburgh_by_bus:-:*:*:*:*:android:*:*
adobephonegap2.0.0cpe:2.3:a:adobe:phonegap:2.0.0:*:*:*:*:*:*:*
adobephonegap2.0.0cpe:2.3:a:adobe:phonegap:2.0.0:rc1:*:*:*:*:*:*
adobephonegap2.1.0cpe:2.3:a:adobe:phonegap:2.1.0:*:*:*:*:*:*:*
adobephonegap2.2.0cpe:2.3:a:adobe:phonegap:2.2.0:*:*:*:*:*:*:*
adobephonegap2.2.0cpe:2.3:a:adobe:phonegap:2.2.0:rc1:*:*:*:*:*:*
adobephonegap2.2.0cpe:2.3:a:adobe:phonegap:2.2.0:rc2:*:*:*:*:*:*
adobephonegap2.3.0cpe:2.3:a:adobe:phonegap:2.3.0:*:*:*:*:*:*:*
adobephonegap2.3.0cpe:2.3:a:adobe:phonegap:2.3.0:rc1:*:*:*:*:*:*
adobephonegap2.3.0cpe:2.3:a:adobe:phonegap:2.3.0:rc2:*:*:*:*:*:*
Rows per page:
1-10 of 221

Related

prion 1
nvd 1
seebug 1
ubuntucve 1
cvelist 1
prion
prion
Code injection
2014-03-03 04:50:00
nvd
nvd
CVE-2014-1886
2014-03-03 04:50:46
seebug
seebug
Edinburgh by Bus application安全绕过任意Javascript代码执行漏洞
2014-03-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-1886
2014-03-03 00:00:00
cvelist
cvelist
CVE-2014-1886
2014-03-03 02:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.011

Percentile

84.3%

JSON
Related for CVE-2014-1886
prion1nvd1seebug1ubuntucve1cvelist1