3 matches found
CVE-2017-7327
Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll.
CVE-2017-7325
Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open.
CVE-2017-7326
Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page