What is CVE-2013-4710?

CVE-2013-4710 is a vulnerability in Google Android, classified under Improper Input Validation. Published 2014-03-03.

Is CVE-2013-4710 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Google Android

CVE-2013-4710

Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.764 (99.0th percentile) — read the EPSS interpretation.

Affected products

Google Android — versions 3.0, 3.1, 3.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

vultures@jpcert.or.jp (x_refsource_CONFIRM)
vultures@jpcert.or.jp (x_refsource_CONFIRM)
JVN#53768697 (x_refsource_JVN, third-party-advisory)
vultures@jpcert.or.jp (x_refsource_CONFIRM)
vultures@jpcert.or.jp (x_refsource_CONFIRM)
[oss-security] 20140218 Re: CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean (mailing-list, x_refsource_MLIST)
vultures@jpcert.or.jp (x_refsource_CONFIRM)
vultures@jpcert.or.jp (x_refsource_CONFIRM)
vultures@jpcert.or.jp (x_refsource_MISC)
JVNDB-2013-000111 (x_refsource_JVNDB, third-party-advisory)

Frequently asked questions

What is CVE-2013-4710?: CVE-2013-4710 is a vulnerability in Google Android, classified under Improper Input Validation. Published 2014-03-03.
Is CVE-2013-4710 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.