Endpoint Vulnerability

Security Vulnerability CVE-2019-12171 for Dropbox

Description

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. These are not securely freed in the running process.

Affected Products

Dropbox

References

CVE-2019-12171,