Address Bar Spoofing Vulnerability in Trend Micro Dr. Safety for Android
CVE-2018-18330

6.5MEDIUM

Key Information:

Vendor: Trend Micro
Status: Trend Micro Dr. Safety For Android (consumer)
Vendor: CVE Published:; 21 December 2018

Summary

An address bar spoofing vulnerability in Trend Micro Dr. Safety for Android versions 3.0.1324 and below enables attackers to manipulate the private browser's address bar. This manipulation can lead to the tricking of users into visiting malicious URLs, exposing them to potential security risks. This vulnerability highlights the importance of having updated software to mitigate such spoofing threats.

Affected Version(s)

Trend Micro Dr. Safety for Android (Consumer) 3.0.1324 and below

References

https://esupport.trendmicro.com/en-us/home/pages/technica...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 21, 2018
Vulnerability Reserved
Oct 15, 2018