CVE-2018-18334

7.5HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Dr. Safety For Android (consumer)
Vendor: CVE Published:; 5 February 2019

Summary

A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations.

Affected Version(s)

Trend Micro Dr. Safety for Android (Consumer) Before 3.0.1478

References

https://esupport.trendmicro.com/en-us/home/pages/technica...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 5, 2019
Vulnerability Reserved
Oct 15, 2018