Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Color Phone 安全漏洞
Vulnerability Description
Color Phone是一款可以更换主题的拨号器。 Color Phone 2.1.8-2及之前版本存在安全漏洞,该漏洞源于允许远程攻击者在未经用户同意的情况下发起电话呼叫。
CVSS Information
N/A
Vulnerability Type
N/A