Vulnerability Description
The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application starts, it loads the data from the database into memory. Once the attacker injects too much data, the application triggers an OOM error and crashes, resulting in a persistent denial of service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Applika | Call Blocker | 6.6.3 |
Related Weaknesses (CWE)
References
- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.mdExploitThird Party Advisory
- https://play.google.com/store/apps/details?id=com.cuiet.blockCallsProduct
- https://www.call-blocker.info/Product
- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.mdExploitThird Party Advisory
- https://play.google.com/store/apps/details?id=com.cuiet.blockCallsProduct
- https://www.call-blocker.info/Product
FAQ
What is CVE-2023-29726?
CVE-2023-29726 is a vulnerability with a CVSS score of 7.5 (HIGH). The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application st...
How severe is CVE-2023-29726?
CVE-2023-29726 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-29726?
Check the references section above for vendor advisories and patch information. Affected products include: Applika Call Blocker.