- 漏洞信息

97520
Android WebView Class addJavascriptInterface Method Web Content Viewing Public Arbitrary Java Method Access
Context Dependent, Mobile Phone / Hand-held Device Input Manipulation
Loss of Integrity Upgrade
Exploit Unknown Uncoordinated Disclosure

- 漏洞描述

Android contains a flaw in the addJavascriptInterface method in the WebView class. The issue is triggered when viewing web content. This may allow a context-dependent attacker to gain access to arbitrary java methods.

- 时间线

2013-09-15 Unknow
Unknow Unknow

- 解决方案

It has been reported that this issue has been fixed. Upgrade to version 4.2, or higher, to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站