Vulnerabilities > CVE-2014-4968 - Unspecified vulnerability in Boatmob Boat Browser 8.0/8.0.1

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
boatmob
exploit available

Summary

The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web site, a related issue to CVE-2012-6636.

Vulnerable Configurations

Part Description Count
Application
Boatmob
2

Exploit-Db

descriptionBoat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability. CVE-2014-4968. Remote exploit for android platform
idEDB-ID:34088
last seen2016-02-03
modified2014-07-16
published2014-07-16
reporterc0otlass
sourcehttps://www.exploit-db.com/download/34088/
titleBoat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/127498/boatbrowser-exec.txt
idPACKETSTORM:127498
last seen2016-12-05
published2014-07-16
reporterc0otlass
sourcehttps://packetstormsecurity.com/files/127498/Boat-Browser-8.0-8.0.1-Remote-Code-Execution.html
titleBoat Browser 8.0 / 8.0.1 Remote Code Execution