VYPR

Browser

by Google

CVEs (5)

  • CVE-2015-3830MedJun 6, 2017
    risk 0.42cvss 6.5epss 0.00

    The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names.

  • CVE-2014-6041Sep 2, 2014
    risk 0.05cvss epss 0.18

    The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence to the Android Browser application 4.2.1 or a…

  • CVE-2010-4804Jun 9, 2011
    risk 0.05cvss epss 0.27

    The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.

  • CVE-2012-6301Dec 10, 2012
    risk 0.04cvss epss 0.06

    The Browser application in Android 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted market: URI in the SRC attribute of an IFRAME element.

  • CVE-2008-7298Aug 9, 2011
    risk 0.00cvss epss 0.01

    The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict…