CVE-2013-2306

The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site.