PT-2017-14851 · Dolphin · Dolphin Browser For Android

Benjamin Watson

Publicado

2017-12-12

Atualizado

2019-10-03

CVE-2017-17553

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Dolphin Browser for Android version 12.0.2

Description The issue is related to an insecure parsing implementation of the Intent URI scheme. This could allow attackers to invoke private Activities within the Dolphin Browser by using a malicious Intent URI.

Recommendations For version 12.0.2, consider restricting access to private Activities until a patch is available. As a temporary workaround, avoid using the Dolphin Browser for Android with untrusted Intent URIs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-17553

Produtos afetados

Dolphin Browser For Android

PT-2017-14851 · Dolphin · Dolphin Browser For Android

CVE-2017-17553

Identificadores relacionados

Produtos afetados

Referências · 3