Remote Code Execution and External Storage Access Vulnerability in Edinburgh by Bus Android App

Remote Code Execution and External Storage Access Vulnerability in Edinburgh by Bus Android App

CVE-2014-1886 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern European dating sites."

Learn more about our Cis Benchmark Audit For Google Android.