Lucene search
Hackapp.orgHACKAPP:SMILEYS.WHATSAPP.STICKERS.MSN.APKHistoryApr 01, 2016 - 8:54 a.m.
Smileys whats App - Dynamic Code Loading, External URLs, SD-card access vulnerabilities
2016-04-0108:54:41
Hackapp.org
hackapp.com
8
HackApp vulnerability scanner discovered that application Smileys whats App published at the βplayβ market has multiple vulnerabilities.
Name
Smileys whats AppVendor
Ringtones SoundLink
SMILEYS.WHATSAPP.STICKERS.MSN.APKStore
playVersion
1.0.06- NOTICE
- Unsafe deleting
All items deleted with 'file.delete()' could be recovered.
- External URLs
Were do they point?
- Suspicious files
Are you sure these files should be here?
- MEDIUM
- WebView files access
Control of WebView context allows to access local files.
- WebView JavaScript enabled
WebView 'setJavaScriptEnabled(true)' could be exploited during cross-site scripting attacks.
- Dynamic Code Loading
Code for 'DexClassLoader' could be tampered.
- SD-card access
SD-cards and other external storages have 'worldwide read' policy.
| CPE | Name | Operator | Version |
|---|---|---|---|
| smileys whats app | le | 1.0.06 |