Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Zero-day flaws found in Dolphin, Mercury browsers for Android

Zero-day flaws found in Dolphin, Mercury browsers for Android

2015/08/24

Securityweek - (International) A security researcher discovered a vulnerability in the Dolphin Web browser for Android in which a man-in-the-middle (MitM) attacker could inject a specially crafted file to arbitrarily write files or execute remotely, as well as unpatched insecure Intent URI scheme implementation and path transversal vulnerabilities in the Mercury Web browser that could allow a remote attacker to read and write arbitrary files within the application's data directory.

Source: http://www.securityweek.com/zero-day-flaws-found-dolphin-mercury-browsers-android

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:25:05