CVE-2014-1887

The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult sites, as demonstrated by (1) freelifetimecheating.com and (2) www.babesroulette.com.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:P/I:N/A:N
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cordova-ubuntu
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
eoan
dne
disco
dne
cosmic
dne
bionic
dne
artful
dne
zesty
dne
yakkety
dne
xenial
dne
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
saucy
ignored
quantal
dne
precise
dne
lucid
dne
cordova-ubuntu-3.4
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
eoan
dne
disco
dne
cosmic
dne
bionic
dne
artful
ignored
zesty
ignored
yakkety
ignored
xenial
not-affected
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
saucy
dne
quantal
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://openwall.com/lists/oss-security/2014/02/07/9
http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf
http://www.internetsociety.org/ndss2014/programme#session3
http://openwall.com/lists/oss-security/2014/02/07/9
http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf
http://www.internetsociety.org/ndss2014/programme#session3