HIGH🇬🇧 English

CVE-2016-6799

CVSS 7.5v3.0pub. 2017-05-09upd. 2026-05-13

Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition to the current log. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Apache Cordova

    APP
    Apache
    ≤ 5.2.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2014-0073CRITICAL9.8ten sam produkt

The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrow...

CVE-2021-21315HIGH7.1⚠ KEVten sam produkt

The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of f...

CVE-2017-3160HIGH7.4ten sam produkt

After the Android platform is added to Cordova the first time, or after a project is created using the build s...

CVE-2014-0072HIGH7.5ten sam produkt

ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer)...

CVE-2014-1882HIGH7.5ten sam produkt

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intende...