exploitDog

CVE-2017-17553

Опубликовано: 12 дек. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing implementation of the Intent URI scheme. This vulnerability could allow attackers to abuse this implementation through a malicious Intent URI, in order to invoke private Activities within the Dolphin Browser.

Ссылки

https://github.com/VerSprite/research/blob/master/advisories/VS-2017-002.md
Third Party Advisory
https://github.com/VerSprite/research/blob/master/advisories/VS-2017-002.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:changyou:dolphin:12.0.2:*:*:*:*:android:*:*

EPSS

Процентиль: 46%

0.00232

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-28q5-692w-348q

CVSS3: 5.3

github

больше 3 лет назад

The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing implementation of the Intent URI scheme. This vulnerability could allow attackers to abuse this implementation through a malicious Intent URI, in order to invoke private Activities within the Dolphin Browser.

EPSS

Процентиль: 46%

0.00232

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo