Design/Logic Flaw

2017-04-1317:59:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.4%

JSON

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.

CPENameOperatorVersion
androideq2.2.3
androideq3.2.6
androideq5.1.0
androideq4.2
androideq4.1
androideq3.2.4
androideq5.0.2
androideq6.0
androideq3.2
androideq3.2.2

Name	Operator	Version
android	eq	2.2.3
android	eq	3.2.6
android	eq	5.1.0
android	eq	4.2
android	eq	4.1
android	eq	3.2.4
android	eq	5.0.2
android	eq	6.0
android	eq	3.2
android	eq	3.2.2

Rows per page:

1-10 of 451

References

www.securityfocus.com/bid/97662

android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb

jvn.jp/vu/JVNVU99757346/index.html