Vulnerability Description
The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Glitter Unicorn Wallpaper Project | Glitter Unicorn Wallpaper | >= 7.0, <= 8.0 |
References
- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29723/CVE%20detail.mdExploitThird Party Advisory
- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29723/CVE%20detail.mdExploitThird Party Advisory
FAQ
What is CVE-2023-29723?
CVE-2023-29723 is a vulnerability with a CVSS score of 7.5 (HIGH). The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized applications to actively request permission to insert data into the database that records information about a user's pers...
How severe is CVE-2023-29723?
CVE-2023-29723 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-29723?
Check the references section above for vendor advisories and patch information. Affected products include: Glitter Unicorn Wallpaper Project Glitter Unicorn Wallpaper.