Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveHackeroneCVE-2016-9473
HistoryMar 28, 2017 - 2:59 a.m.

CVE-2016-9473

2017-03-2802:59:01
CWE-451
CWE-79
hackerone
web.nvd.nist.gov
30
2
brave browser
ios
android
address bar spoofing
cve-2016-9473
security vulnerability
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

4.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

AI Score

4.5

Confidence

High

EPSS

0.002

Percentile

53.2%

JSON

Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names.

Affected configurations

Nvd
Node
bravebrowserRange<1.2.18iphone_os
OR
bravebrowserRange<1.9.56android
VendorProductVersionCPE
bravebrowser*cpe:2.3:a:brave:browser:*:*:*:*:*:iphone_os:*:*
bravebrowser*cpe:2.3:a:brave:browser:*:*:*:*:*:android:*:*

CNA Affected

[
  {
    "product": "Brave Software Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Brave Software Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier"
      }
    ]
  }
]

Social References

More

Related

cvelist 1
hackerone 1
nvd 1
prion 1
osv 1
cvelist
cvelist
CVE-2016-9473
2017-03-28 02:46:00
hackerone
hackerone
Brave Software: [iOS/Android] Address Bar Spoofing Vulnerability
2016-10-15 08:17:22
nvd
nvd
CVE-2016-9473
2017-03-28 02:59:01
prion
prion
Design/Logic Flaw
2017-03-28 02:59:00
osv
osv
CVE-2016-9473
2017-03-28 02:59:01

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

4.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

AI Score

4.5

Confidence

High

EPSS

0.002

Percentile

53.2%

JSON
Related for CVE-2016-9473
cvelist1hackerone1nvd1prion1osv1