6.8
CVE-2012-6636
- EPSS 60.55%
- Published 03.03.2014 04:50:46
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView component in an application targeted to API level 16 or earlier, a related issue to CVE-2013-4710.
Data is provided by the National Vulnerability Database (NVD)
Google ≫ Android Api Version <= 16.0
Google ≫ Android Api Version1.0
Google ≫ Android Api Version2.0
Google ≫ Android Api Version3.0
Google ≫ Android Api Version4.0
Google ≫ Android Api Version5.0
Google ≫ Android Api Version6.0
Google ≫ Android Api Version7.0
Google ≫ Android Api Version8.0
Google ≫ Android Api Version9.0
Google ≫ Android Api Version10.0
Google ≫ Android Api Version11.0
Google ≫ Android Api Version12.0
Google ≫ Android Api Version13.0
Google ≫ Android Api Version14.0
Google ≫ Android Api Version15.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 60.55% | 0.982 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|