Dropbox for Android Authorisation Bypass
- Published: 12 Aug 2011
Dropbox for Android Authorisation Bypass
Share
Type
- Dropbox for Android
Severity
- High
Affected products
- Dropbox for Android
Date
- 2011-08-12
CVE Reference
- N/A
This vulnerability allows an attacker to upload a selected file to the linked Dropbox account without the interaction of the user. This could enable an attacker’s malicious application to gain control of a user’s Dropbox account by uploading the Dropbox settings database, which resides in the Dropbox application’s protected storage area.