Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-17553 | 1 Changyou | 1 Dolphin | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing implementation of the Intent URI scheme. This vulnerability could allow attackers to abuse this implementation through a malicious Intent URI, in order to invoke private Activities within the Dolphin Browser. | |||||
CVE-2017-17551 | 1 Changyou | 1 Dolphin | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a specific executable in the Dolphin Browser's data directory with a crafted malicious executable. Every time the Dolphin Browser is launched, it will attempt to run the malicious executable from disk, thus executing the attacker's code. |