CVE-2015-7893

HIGH

Samsung Galaxy S6 - Remote Code Execution via HTML Email Content

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7893. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a JavaScript injection vulnerability in the Samsung email client (SecEmailUI.apk) by sending a malicious HTML email. The script executes arbitrary JavaScript in the context of the WebView, potentially leaking sensitive information like email content or local files.

Description

SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · pythonremoteandroid
https://www.exploit-db.com/exploits/38554

This exploit demonstrates a JavaScript injection vulnerability in the Samsung email client (SecEmailUI.apk) by sending a malicious HTML email. The script executes arbitrary JavaScript in the context of the WebView, potentially leaking sensitive information like email content or local files.

Classification
Working Poc 100%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Samsung email client (SecEmailUI.apk) on Android devices
No auth needed
Prerequisites: Valid SMTP credentials for sending the malicious email · Target device must use the vulnerable Samsung email client
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38554/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/77431

Scores

CVSS v3 8.8
EPSS 0.0738
EPSS Percentile 93.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
samsung/galaxy_s6
Published Apr 11, 2017
Tracked Since Feb 18, 2026