CVE-2024-31974

> The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote
> attacker to execute arbitrary JavaScript code via a crafted intent.
> com.solarized.firedown.IntentActivity uses a WebView
> component to display web content and doesn't adequately sanitize the
> URI or any extra data passed in the intent by any installed application
> (with no permissions).
>
> ------------------------------------------
>
> [Additional Information]
> Fixed as of Version 1.0.88
> 
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> CWE-94: Improper Control of Generation of Code ('Code Injection')
>
> ------------------------------------------
>
> [Vendor of Product]
> Solarized
>
> ------------------------------------------
>
> [Affected Product Code Base]
> FireDown Browser & Downloader - Version: 1.0.76
> 
> ------------------------------------------
>
> [Affected Component]
> Exported android activity component 'com.solarized.firedown.IntentActivity'
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Impact Information Disclosure]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> The application allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the 'com.solarized.firedown.IntentActivity' activity.
>
> ------------------------------------------
>
> [Reference]
> https://play.google.com/store/apps/details?id=com.solarized.firedown
> https://github.com/actuator/com.solarized.firedown/blob/main/1.0.76.gif
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Edward Warren