CVE-2018-18334 — HIGH (7.5)

Q: How severe is CVE-2018-18334?

CVE-2018-18334 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-18334?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Dr. Safety.

Vulnerability Description

A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Trendmicro	Dr. Safety	< 3.0.1478

Related Weaknesses (CWE)

CWE-200

References

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspxVendor Advisory
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspxVendor Advisory

FAQ

What is CVE-2018-18334?

CVE-2018-18334 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensiti...

How severe is CVE-2018-18334?

CVE-2018-18334 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-18334?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Dr. Safety.