CVE-2023-29726

The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application starts, it loads the data from the database into memory. Once the attacker injects too much data, the application triggers an OOM error and crashes, resulting in a persistent denial of service.
Configurations

Configuration 1 (hide)

cpe:2.3:a:applika:call_blocker:6.6.3:*:*:*:*:android:*:*

History

07 Jun 2023, 02:39

Type Values Removed Values Added
References (MISC) https://play.google.com/store/apps/details?id=com.cuiet.blockCalls - (MISC) https://play.google.com/store/apps/details?id=com.cuiet.blockCalls - Product
References (MISC) https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md - (MISC) https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md - Exploit, Third Party Advisory
References (MISC) https://www.call-blocker.info/ - (MISC) https://www.call-blocker.info/ - Product
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:a:applika:call_blocker:6.6.3:*:*:*:*:android:*:*
CWE CWE-404
First Time Applika call Blocker
Applika

30 May 2023, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-30 23:15

Updated : 2023-12-10 15:01


NVD link : CVE-2023-29726

Mitre link : CVE-2023-29726

CVE.ORG link : CVE-2023-29726


JSON object : View

Products Affected

applika

  • call_blocker
CWE
CWE-404

Improper Resource Shutdown or Release