Back to search
CVE-2014-1885
Published: Mar 3, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising domain.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf
x_refsource_MISC
http://www.internetsociety.org/ndss2014/programme#session3
x_refsource_MISC
[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now