CVE-2015-3830 Information

Description

The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Reference

https://github.com/CHEF-KOCH/Android-Vulnerabilities-Overview/blob/master/2015.md https://jsfiddle.net/dy4swq4o/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

6.5