CVE-2015-7893
published 2017-04-11CVE-2015-7893: SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.
PriorityP258high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
7.38%
93.6th percentile
SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.
Detection & IOCsextracted from sources · hover to see the quote
- →Look for HTML emails containing inline <script> tags or JavaScript event handlers being rendered inside a WebView by SecEmailUI.apk on Samsung Galaxy S6 devices. ↗
- →Monitor for the Android intent com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND being invoked with attacker-controlled HTML payloads, which can trigger script execution in the email composer context. ↗
- →Alert on JavaScript accessing document.location within the Samsung email WebView context; successful exploitation produces a URL of the form email://M/N confirming script execution. ↗
- →Watch for outbound HTTP POST requests from the Samsung email application process that may indicate exfiltration of email content via injected JavaScript. ↗
- ·The WebView's access to local files and other emails was not fully confirmed by the researcher; the full attack surface depends on the WebView configuration in SecEmailUI.apk. ↗
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4xj3-xxm9-m323: SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript
ghsa_unreviewed·2022-05-17
CVE-2015-7893 [HIGH] CWE-20 GHSA-4xj3-xxm9-m323: SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript
SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.
Project0
Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge - Project Zero
project_zero·2015-11-01
CVE-2015-7888 Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge - Project Zero
Posted by Natalie Silvanovich, Planner of Bug Bashes
Recently, Project Zero researched a popular Android phone, the Samsung Galaxy S6 Edge. We discovered and reported 11 high-impact security issues as a result. This post discusses our motivations behind the research, our approach in looking for vulnerabilities on the device and what we learned by investigating it.
The majority of Android devices are not made by Google, but by external companies known as Original Equipment Manufacturers or OEMs which use the Android Open-Source Project (AOSP) as the basis for mobile devices which they manufacture. OEMs are an important area for Android security research, as they introduce additional (and possibly vulnerable) code into Android devices at all privilege levels, and they decide the frequenc
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/135643/Samsung-SecEmailUI-Script-Injection.htmlhttp://www.securityfocus.com/bid/77431https://bugs.chromium.org/p/project-zero/issues/detail?id=494&q=samsung&redir=1https://googleprojectzero.blogspot.ie/2015/11/hack-galaxy-hunting-bugs-in-samsung.htmlhttps://www.exploit-db.com/exploits/38554/http://packetstormsecurity.com/files/135643/Samsung-SecEmailUI-Script-Injection.htmlhttp://www.securityfocus.com/bid/77431https://bugs.chromium.org/p/project-zero/issues/detail?id=494&q=samsung&redir=1https://googleprojectzero.blogspot.ie/2015/11/hack-galaxy-hunting-bugs-in-samsung.htmlhttps://www.exploit-db.com/exploits/38554/
2017-04-11
Published