CVE-2014-1939
N/A
N/A
Summary
java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html
- http://openwall.com/lists/oss-security/2014/02/11/2
- https://support.lenovo.com/us/en/product_security/len_6421
References
- http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html
- http://openwall.com/lists/oss-security/2014/02/11/2
- https://support.lenovo.com/us/en/product_security/len_6421
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.