CVE-2023-29726

Exploit

EPSS 0.26%
Veröffentlicht 30.05.2023 23:15:09
Zuletzt bearbeitet 13.01.2025 21:15:11
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application starts, it loads the data from the database into memory. Once the attacker injects too much data, the application triggers an OOM error and crashes, resulting in a persistent denial of service.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Applika ≫ Call Blocker Version6.6.3 SwPlatformandroid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.489

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md

Third Party Advisory

Exploit

https://play.google.com/store/apps/details?id=com.cuiet.blockCalls

Product

https://www.call-blocker.info/

Product

https://nvd.nist.gov/vuln/detail/CVE-2023-29726

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-29726

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-29726

EUVD