46 matches found
EUVD-2014-1946
Malware in sbrugna...
EUVD-2014-1945
Malware in sbrugna...
EUVD-2012-6483
Malware in sbrugna...
EUVD-2014-1949
Malware in sbrugna...
EUVD-2014-1943
Malware in sbrugna...
CVE-2018-4943
Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app...
CVE-2018-4943
Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app...
Adobe PhoneGap Push plugin code execution vulnerability
Adobe PhoneGap Push Plugin is a messaging push plugin for Adobe products from the American company Audobee Adobe. A code execution vulnerability exists in Adobe PhoneGap Push Plugin version 1.8.0 and earlier. A remote attacker can exploit this vulnerability by tricking a user into performing a...
The ForzeArmate application安全绕过任意Javascript代码执行漏洞
CVE ID:CVE-2014-1885 The ForzeArmate application是一款基于安卓的应用。 当使用Adobe PhoneGap 2.9.0或之前版本时The ForzeArmate application存在安全漏洞,允许远程攻击者控制任意某一Google联合广告域,来执行任意JavaScript代码,获取外部存储资源。 0 The ForzeArmate application for Android 目前没有详细解决方案提供:...
Edinburgh by Bus application安全绕过任意Javascript代码执行漏洞
CVE ID:CVE-2014-1886 DrinkedIn BarFinder application是一款基于安卓的应用。 当使用Adobe PhoneGap 2.9.0或之前版本时Edinburgh by Bus application存在安全漏洞,允许远程攻击者控制某些站点,来执行任意JavaScript代码,获取外部存储资源。 0 Edinburgh by Bus application for Android 目前没有详细解决方案提供:...
Adobe PhoneGap设备资源限制绕过漏洞
CVE ID:CVE-2014-1883 Apache PhoneGap是一款容易使用HTML5和JavaScript构建跨平台的移动应用的流行开源平台。 安卓平台上的Adobe PhoneGap使用shouldOverrideUrlLoading回调来代替正确的shouldInterceptRequest回调,允许攻击者利用漏洞通过特制的XMLHttpRequest方法来绕过设备资源限制,执行恶意操作。 0 Adobe PhoneGap 2.6.0 目前没有详细解决方案提供: https://cordova.apache.org/...
DrinkedIn BarFinder application安全绕过任意Javascript代码执行漏洞
CVE ID:CVE-2014-1887 DrinkedIn BarFinder application是一款基于安卓的应用。 当使用Adobe PhoneGap 2.9.0或之前版本时DrinkedIn BarFinder application存在安全漏洞,允许远程攻击者控制类似freelifetimecheating.com和www.babesroulette.com之类的站点,来执行任意JavaScript代码,获取地理信息。 0 DrinkedIn BarFinder application for Android 目前没有详细解决方案提供:...
CVE-2014-1882
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...
CVE-2014-1885
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising domain...
CVE-2014-1881
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...
CVE-2014-1886
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern European dating sites."...
CVE-2014-1884
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed 1 in an IFRAME element or 2 with the XMLHttpRequest...
CVE-2012-6637
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring...
Design/Logic Flaw
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult sites, as demonstrated b...
Code injection
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...