ID HACKAPP:KANAWAT.COM.VITAMIOTEST.APK
Type hackapp
Reporter Hackapp.org
Modified 2017-02-17T15:10:44
Description
HackApp vulnerability scanner discovered that application 8anawat Arabic published at the 'play' market has multiple vulnerabilities.
{"title": "8anawat Arabic - External URLs, Runtime command execution, SD-card access vulnerabilities", "published": "2017-02-17T15:10:44", "references": ["https://play.google.com/store/apps/details?id=kanawat.com.vitamiotest&hl=en"], "hackapp": {"link": "https://play.google.com/store/apps/details?id=kanawat.com.vitamiotest&hl=en", "store": "play", "release": "2016-09-10T00:00:00", "icon": "http://lh3.googleusercontent.com/JP6VqpS277E9-WPGcWnTjVCgJA5Z5ICzELpBqlQ6wfNFq0lUJEyTJaCqnvP8ifRyqoI=w300", "version": "6.0", "vendor": "8anawat.com", "name": "8anawat Arabic", "bugs": [{"id": "bc726648aca5c6f462359a2397deee58", "description": "Were do they point?", "name": "External URLs", "severity": "notice"}, {"id": "d5811a2899b124efccdf755d121871c1", "description": "All items deleted with 'file.delete()' could be recovered.", "name": "Unsafe deleting", "severity": "notice"}, {"id": "f427b7c2ca87ed2c5d2382b04a90c744", "description": "SD-cards and other external storages have 'worldwide read' policy.", "name": "SD-card access", "severity": "medium"}, {"id": "252f7dc85c81d583b2beb219808bc328", "description": "Function 'Runtime.getRuntime().exec()' is used, please check where variables are come from.", "name": "Runtime command execution", "severity": "medium"}], "apk": "KANAWAT.COM.VITAMIOTEST.APK"}, "type": "hackapp", "enchantments": {"score": {"value": 0.9, "vector": "NONE", "modified": "2017-02-17T15:05:21", "rev": 2}, "dependencies": {"references": [], "modified": "2017-02-17T15:05:21", "rev": 2}, "vulnersScore": 0.9}, "cvelist": [], "viewCount": 30, "affectedSoftware": [{"version": "6.0", "name": "8anawat Arabic", "operator": "le"}], "id": "HACKAPP:KANAWAT.COM.VITAMIOTEST.APK", "modified": "2017-02-17T15:10:44", "href": "https://hackapp.com/report/85d3c90a6ba6d710306f9fbd2a021526", "edition": 1, "description": "HackApp vulnerability scanner discovered that application 8anawat Arabic published at the 'play' market has multiple vulnerabilities.", "bulletinFamily": "software", "reporter": "Hackapp.org", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-02-17T15:05:21"}
{}
