The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-27T00:00:00

Updated: 2024-08-02T19:52:11.829Z

Reserved: 2023-09-25T00:00:00

Link: CVE-2023-43955

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-12-27T21:15:08.050

Modified: 2024-01-09T20:06:56.977

Link: CVE-2023-43955

cve-icon Redhat

No data.