4.3

CVE-2013-3642

The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for Android 2.2 through 2.3.4, 1.68b and earlier for Android 3.0 through 4.0.3, and 1.76b and earlier for Android 4.1 through 4.2 does not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdgjmAngel Browser Version <= 1.47b
   GoogleAndroid Version1.6
   GoogleAndroid Version2.0
   GoogleAndroid Version2.0.1
   GoogleAndroid Version2.1
AdgjmAngel Browser Version <= 1.62b
   GoogleAndroid Version2.2
   GoogleAndroid Version2.2 Updaterev1
   GoogleAndroid Version2.2.1
   GoogleAndroid Version2.2.2
   GoogleAndroid Version2.2.3
   GoogleAndroid Version2.3
   GoogleAndroid Version2.3.1
   GoogleAndroid Version2.3.2
   GoogleAndroid Version2.3.3
   GoogleAndroid Version2.3.4
AdgjmAngel Browser Version <= 1.68b
   GoogleAndroid Version3.0
   GoogleAndroid Version3.1
   GoogleAndroid Version3.2
   GoogleAndroid Version3.2.1
   GoogleAndroid Version3.2.2
   GoogleAndroid Version3.2.4
   GoogleAndroid Version3.2.6
   GoogleAndroid Version4.0
   GoogleAndroid Version4.0.1
   GoogleAndroid Version4.0.2
   GoogleAndroid Version4.0.3
AdgjmAngel Browser Version <= 1.76b
   GoogleAndroid Version4.1
   GoogleAndroid Version4.1.2
   GoogleAndroid Version4.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.462
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.