SB2020102122 - Multiple vulnerabilities in UCWeb UC Browser

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020102122

SB2020102122 - Multiple vulnerabilities in UCWeb UC Browser

Published: October 21, 2020

Security Bulletin ID SB2020102122
Severity
Medium
Patch available
NO
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Spoofing attack (CVE-ID: CVE-2020-7363)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in the address bar. A remote attacker can spoof page content and obfuscate the true source of data as presented in the browser.


2) Spoofing attack (CVE-ID: CVE-2020-7364)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in the address bar. A remote attacker can spoof page content and obfuscate the true source of data as presented in the browser.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References