CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-3647

The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because of a CVE-2012-4009 regression.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.4%

CVSS Severity

CVSS v2 Score 6.8

References

http://jvn.jp/en/jp/JVN19740283/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000060
https://live.cybozu.co.jp/trouble.html?q=2530
http://jvn.jp/en/jp/JVN19740283/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000060
https://live.cybozu.co.jp/trouble.html?q=2530

Products affected by CVE-2013-3647

Cybozu » Cybozu Live » Version: 1.0.4

cpe:2.3:a:cybozu:cybozu_live:1.0.4
Cybozu » Cybozu Live » Version: 2.0.0

cpe:2.3:a:cybozu:cybozu_live:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3647

Products

Pricing

Contact Us