漏洞标题
F-Secure SAFE Browser 容易被USSD攻击所攻击
漏洞描述信息
F-Secure SAFE浏览器易受USSD攻击
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
漏洞类别
N/A
漏洞标题
F-Secure SAFE Browser vulnerable to USSD attacks
漏洞描述信息
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In most modern Android OS, dialer application will require user interaction, however, some older Android OS may not need user interaction.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
漏洞类别
N/A
漏洞标题
F-secure F-Secure SAFE 安全漏洞
漏洞描述信息
F-secure F-Secure SAFE是芬兰F-Secure(F-secure)公司的一套杀毒软件。 F-Secure SAFE browser存在安全漏洞,该漏洞源于带有 JavaScript 或 iFrame 中的 USSD 代码的恶意制作的网站可以从 F-Secure 浏览器触发拨号应用程序,攻击者可以利用该应用程序发送不需要的 USSD 消息或执行不需要的呼叫。
CVSS信息
N/A
漏洞类别
其他