8.2
CVE-2024-52270
- EPSS 0.19%
- Veröffentlicht 05.12.2024 11:15:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 2fdefc65-d750-4b8d-96ee-6e2c0c
- CVE-Watchlists
- Unerledigt
PDF Document Spoofing in DropBox Sign(HelloSign)
User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects DropBox Sign(HelloSign): through 2024-12-04.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerDropBox(HelloSign)
≫
Produkt
DropBox Sign
Default Statusaffected
Version <=
2024-12-04
Version
0
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.084 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe | 8.2 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:Red
|
CWE-451 User Interface (UI) Misrepresentation of Critical Information
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
https://www.vulsec.org/advisories
https://app.hellosign.com/
https://drive.proton.me/urls/Z6DHXNRZQC#jkfO38rjOiOj
https://new.space/s/ZuHoujvkjdzfY7Uihah7Yg#SKWLU_g2Cihfj4qsq9XNy6F4saxVAzD876PujiDOYfs
https://sign.dropbox.com/
https://www.loom.com/share/48f63594e14c49e19840ad9cb7d60453?sid=816c6afa-0b67-4b0b-98ff-d5c58d464038