The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain modules associated with PDF and Microsoft Office files (related to libpicsel), which allows MITM attacks.
References
Link | Resource |
---|---|
https://news.drweb.com/show/?i=13176&c=38 | Exploit Third Party Advisory |
https://www.bleepingcomputer.com/news/security/uc-browser-for-android-desktop-exposes-500-million-users-to-mitm-attacks/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-28T14:01:04
Updated: 2019-03-28T14:01:04
Reserved: 2019-03-28T00:00:00
Link: CVE-2019-10251
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-28T15:29:00.327
Modified: 2021-07-21T11:39:23.747
Link: CVE-2019-10251
JSON object: View
Redhat Information
No data.
CWE