virus logo Intrusion Prevention

Android.Browser.WebView.AddJavascriptInterface.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Code Execution Vulnerability in Android WebKit WebViews.
The vulnerability is due to an error when a vulnerable module handles a crafted HTML file with arbitrary Javascript code. A remote attacker could exploit this to execute arbitrary code execution within the context of the application, via a crafted HTML file.

affected-products-logoAffected Products

Google Android Webkit WebView API version 17 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version from the vendor.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-10-28 16.951 Sig Added

References

https://labs.mwrinfosecurity.com/advisories/2013/09/24/webview-addjavascriptinterface-remote-code-execution/
ID 37997
Created Mar 10, 2014
Updated Oct 27, 2020
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Other
Affected App Other