CVE-2014-7252 - Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile process

CVE-2014-7252

Summary

Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation."

References

Vulnerable Configurations

cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*
cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*
cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*
cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 08-12-2014 - 13:55)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

jvn	JVN#67792023
jvndb	JVNDB-2014-000137
misc	http://jvn.jp/en/jp/JVN67792023/397327/index.html http://jvn.jp/en/jp/JVN67792023/995312/index.html

Last major update

08-12-2014 - 13:55

Published

05-12-2014 - 17:59

Last modified

08-12-2014 - 13:55