Vulnerability Details : CVE-2023-29726
Potential exploit
The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application starts, it loads the data from the database into memory. Once the attacker injects too much data, the application triggers an OOM error and crashes, resulting in a persistent denial of service.
Vulnerability category: Denial of service
Products affected by CVE-2023-29726
- cpe:2.3:a:applika:call_blocker:6.6.3:*:*:*:*:android:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-29726
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 34 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-29726
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-01-13 |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2023-29726
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2023-29726
-
https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md
SO-CVEs/CVE detail.md at main · LianKee/SO-CVEs · GitHubExploit;Third Party Advisory
-
https://play.google.com/store/apps/details?id=com.cuiet.blockCalls
Call Blocker - Caller ID - Apps on Google PlayProduct
-
https://www.call-blocker.info/
Call Blocker – Call Blocker – block incoming and outgoing callsProduct
Jump to