6 matches found
CVE-2021-44751
The CVE describes a vulnerability in the F-Secure SAFE browser where a malicious website containing USSD code via JavaScript or an iframe can trigger the browser’s dialer. This could allow an attacker to send USSD messages or initiate calls. The impact notes that on most modern Androids the diale...
CVE-2021-40835
CVE-2021-40835 affects F-Secure Safe Browser for iOS. The issue is an URL address bar spoofing vulnerability where a specially crafted URL with an extremely long username part can mislead users into thinking content comes from a valid domain. The described root cause is that the username portion ...
CVE-2019-11644
The CVE-2019-11644 entry describes a local privilege escalation in the Windows installers for F-Secure products (SAFE for Windows before 17.6; Internet Security before 17.6; Anti-Virus before 17.6; Client Security Standard/Premium before 14.10; PSB Workstation Security before 12.01; Computer Prot...
CVE-2021-33595
Affected product. Safe Browser for iOS (F-Secure Safe Browser). Issue. Address bar spoofing: the address bar shows a legitimate URL while loading content from another domain, causing users to believe the content is from a trusted site. Root cause (as described). A mismatch between displayed URL a...
CVE-2021-33596
Summary of CVE-2021-33596 findings : The vulnerability is described as a UI spoofing issue in which the browser shows a legitimate URL in the address bar while content is loaded from a different domain. Exploitation requires the user to click on a specially crafted URL containing an embedded mali...
CVE-2021-33594
CVE-2021-33594 documents an address bar spoofing vulnerability in Safe Browser for Android. The vulnerability allows a remote attacker to present a legitimate-looking URL in the address bar while loading content from a different domain in a window, effectively deceiving users. Reported consistent...