CVE-2015-3830
MEDIUMAndroid - Address Bar Spoofing via Malicious Page Display
Title source: manualDescription
The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://github.com/CHEF-KOCH/Android-Vulnerabilities-Overview/blob/master/2015.md
Exploit, Third Party Advisory x_refsource_misc
https://jsfiddle.net/dy4swq4o/
Scores
CVSS v3
6.5
EPSS
0.0047
EPSS Percentile
37.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (1)
google/android
Published
Jun 06, 2017
Tracked Since
Feb 18, 2026