Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-4968
HistoryFeb 12, 2020 - 1:15 a.m.

CVE-2014-4968

2020-02-1201:15:10
[email protected]
web.nvd.nist.gov
6

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON

The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web site, a related issue to CVE-2012-6636.

Affected configurations

Nvd
Node
boatmobboat_browserMatch8.0android
OR
boatmobboat_browserMatch8.0.1android
VendorProductVersionCPE
boatmobboat_browser8.0cpe:2.3:a:boatmob:boat_browser:8.0:*:*:*:*:android:*:*
boatmobboat_browser8.0.1cpe:2.3:a:boatmob:boat_browser:8.0.1:*:*:*:*:android:*:*

Related

exploitdb 2
cve 4
prion 4
cvelist 4
packetstorm 1
exploitpack 1
jvn 1
zdt 2
seebug 1
nvd 3
ubuntucve 1
metasploit 1
android 1
lenovo 2
exploitdb
exploitdb
Boat Browser 8.0/8.0.1 - Remote Code Execution
2014-07-16 00:00:00
Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)
2012-12-21 00:00:00
cve
cve
CVE-2014-4968
2020-02-12 01:15:10
CVE-2014-0514
2014-04-15 23:13:14
CVE-2012-6636
2014-03-03 04:50:46
prion
prion
Design/Logic Flaw
2020-02-12 01:15:00
Design/Logic Flaw
2014-04-15 23:13:00
Server side request forgery (ssrf)
2014-03-03 04:50:00
cvelist
cvelist
CVE-2014-4968
2020-02-12 00:19:24
CVE-2012-6636
2014-03-03 02:00:00
CVE-2014-0514
2014-04-15 20:00:00
packetstorm
packetstorm
Boat Browser 8.0 / 8.0.1 Remote Code Execution
2014-07-16 00:00:00
exploitpack
exploitpack
Boat Browser 8.08.0.1 - Remote Code Execution
2014-07-16 00:00:00
jvn
jvn
JVN#62161191: JavaFX WebEngine does not properly restrict Java method execution
2020-07-28 00:00:00
zdt
zdt
Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability
2014-07-17 00:00:00
Android 4.2 Browser and WebView - addJavascriptInterface Code Execution Exploit
2017-03-23 00:00:00
seebug
seebug
Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability
2014-07-17 00:00:00
nvd
nvd
CVE-2012-6636
2014-03-03 04:50:46
CVE-2013-4710
2014-03-03 04:50:46
CVE-2014-0514
2014-04-15 23:13:14
ubuntucve
ubuntucve
CVE-2012-6636
2014-03-03 00:00:00
metasploit
metasploit
Android Browser and WebView addJavascriptInterface Code Execution
2014-02-13 20:19:59
android
android
JavaScript to Java
2012-12-21 00:00:00
lenovo
lenovo
SHAREit for Android Vulnerabilities - Lenovo Support US
2017-05-08 00:00:00
SHAREit for Android Vulnerabilities
2017-05-08 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON
Related for NVD:CVE-2014-4968
exploitdb2cve4prion4cvelist4packetstorm1exploitpack1jvn1zdt2seebug1nvd3ubuntucve1metasploit1android1lenovo2