Type

  • Dropbox for Android

    • Severity

  • High

    • Affected products

  • Dropbox for Android

    • Date

  • 2011-08-12

    • CVE Reference

  • N/A

This vulnerability allows an attacker to upload a selected file to the linked Dropbox account without the interaction of the user. This could enable an attacker’s malicious application to gain control of a user’s Dropbox account by uploading the Dropbox settings database, which resides in the Dropbox application’s protected storage area.