CVE Vulnerabilities

CVE-2014-1886

Published: Mar 03, 2014 | Modified: Apr 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io minimus.io echohq.com

The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of obscure Eastern European dating sites.

Affected Software

Name Vendor Start Version End Version
Edinburgh_by_bus Edinburghtour - (including) - (including)
Cordova-ubuntu Ubuntu saucy *
Cordova-ubuntu Ubuntu trusty *
Cordova-ubuntu Ubuntu utopic *
Cordova-ubuntu Ubuntu vivid *
Cordova-ubuntu Ubuntu wily *
Cordova-ubuntu-3.4 Ubuntu artful *
Cordova-ubuntu-3.4 Ubuntu trusty *
Cordova-ubuntu-3.4 Ubuntu utopic *
Cordova-ubuntu-3.4 Ubuntu vivid *
Cordova-ubuntu-3.4 Ubuntu wily *
Cordova-ubuntu-3.4 Ubuntu xenial *
Cordova-ubuntu-3.4 Ubuntu yakkety *
Cordova-ubuntu-3.4 Ubuntu zesty *

References