Denial of service

2023-06-0103:15:00

PRIOn knowledge base

www.prio-n.com

android

denial of service

sharedpreference

injection

crash

nvd

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.6%

JSON

Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the application is opened. When an attacker injects too much data, the application will trigger an OOM error and crash at startup, resulting in a persistent denial of service.

CPENameOperatorVersion
story_saver_for_instagram_-_video_downloadereq1.0.6

CPE	Name	Operator	Version
	story_saver_for_instagram_-_video_downloader	eq	1.0.6

References

apksos.com/app/story.saver.downloader.photo.video.repost.byrk

github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md

play.google.com/store/apps/details?id=ru.yandex.yandexnavi

www.instagram.com/nihans_macrame/