exploitDog

CVE-2018-18330

Опубликовано: 21 дек. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for Android (Consumer) versions 3.0.1324 and below could allow an attacker to potentially trick a victim into visiting a malicious URL using address bar spoofing on the Private Browser of the app on vulnerable installations.

Ссылки

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121673.aspx
Vendor Advisory
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121673.aspx
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trendmicro:dr._safety:*:*:*:*:*:android:*:*

Версия до 3.0.1324 (включая)

EPSS

Процентиль: 56%

0.00341

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xrh5-29m8-2x22

CVSS3: 6.5

github

больше 3 лет назад

An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for Android (Consumer) versions 3.0.1324 and below could allow an attacker to potentially trick a victim into visiting a malicious URL using address bar spoofing on the Private Browser of the app on vulnerable installations.

EPSS

Процентиль: 56%

0.00341

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo