Search criteria
31 vulnerabilities found for mobile by samsung
VAR-201701-0789
Vulnerability from variot - Updated: 2023-12-18 14:05Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. SamsungNote is a smartphone released by Samsung in South Korea. The SamsungNote device failed to handle exceptions correctly, allowing remote attackers to exploit the vulnerability to build malicious applications, trigger systemUI crashes, and denial of service. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the system, resulting in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-0789",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "BID",
"id": "95424"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5350"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quhe of Ant-financial Light-Year Security Lab.",
"sources": [
{
"db": "BID",
"id": "95424"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5350",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-5350",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-00582",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-5350",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5350",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-00582",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-309",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. SamsungNote is a smartphone released by Samsung in South Korea. The SamsungNote device failed to handle exceptions correctly, allowing remote attackers to exploit the vulnerability to build malicious applications, trigger systemUI crashes, and denial of service. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the system, resulting in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "BID",
"id": "95424"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5350",
"trust": 3.3
},
{
"db": "BID",
"id": "95424",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-00582",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "BID",
"id": "95424"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"id": "VAR-201701-0789",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
}
]
},
"last_update_date": "2023-12-18T14:05:55.232000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-7122: Unexpected SystemUI FC driven by arbitrary application",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"title": "SamsungNote denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88115"
},
{
"title": "Samsung Note Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66973"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-388",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "NVD",
"id": "CVE-2017-5350"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/95424"
},
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5350"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5350"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "BID",
"id": "95424"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"db": "BID",
"id": "95424"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"date": "2017-01-12T00:00:00",
"db": "BID",
"id": "95424"
},
{
"date": "2017-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"date": "2017-01-12T06:59:00.453000",
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00582"
},
{
"date": "2017-01-23T04:06:00",
"db": "BID",
"id": "95424"
},
{
"date": "2017-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001057"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-5350"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note In device software systemUI Vulnerabilities that cause crashes",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001057"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-309"
}
],
"trust": 0.6
}
}
VAR-201611-0179
Vulnerability from variot - Updated: 2023-12-18 14:05A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. Vendors have confirmed this vulnerability SVE-2016-6248 It is released as. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. http://cwe.mitre.org/data/definitions/476.htmlService operation interruption (SystemUI Crash and device restart ) There is a possibility of being put into a state. SamsungMobile is a series of smart mobile devices released by South Korea's Samsung. The Samsung MobileL 5.0 and 5.1 and M6.0 devices use the Exynos 7420 chipset for a denial of service vulnerability. An attacker could exploit the vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "4.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "BID",
"id": "94120"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7160"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "94120"
}
],
"trust": 0.3
},
"cve": "CVE-2016-7160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-7160",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-10705",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-7160",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-7160",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-10705",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-013",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. Vendors have confirmed this vulnerability SVE-2016-6248 It is released as. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. http://cwe.mitre.org/data/definitions/476.htmlService operation interruption (SystemUI Crash and device restart ) There is a possibility of being put into a state. SamsungMobile is a series of smart mobile devices released by South Korea\u0027s Samsung. The Samsung MobileL 5.0 and 5.1 and M6.0 devices use the Exynos 7420 chipset for a denial of service vulnerability. An attacker could exploit the vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "BID",
"id": "94120"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7160",
"trust": 3.3
},
{
"db": "BID",
"id": "94120",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-10705",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "BID",
"id": "94120"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"id": "VAR-201611-0179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
}
]
},
"last_update_date": "2023-12-18T14:05:55.828000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-6248",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-sep-2016"
},
{
"title": "SamsungMobile denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/83565"
},
{
"title": "Samsung Mobile Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65243"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "NVD",
"id": "CVE-2016-7160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-sep-2016"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/94120"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7160"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7160"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "BID",
"id": "94120"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"db": "BID",
"id": "94120"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"date": "2016-06-07T00:00:00",
"db": "BID",
"id": "94120"
},
{
"date": "2016-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"date": "2016-11-03T10:59:05.043000",
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"date": "2016-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10705"
},
{
"date": "2016-11-24T01:08:00",
"db": "BID",
"id": "94120"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005723"
},
{
"date": "2016-11-28T20:37:35.347000",
"db": "NVD",
"id": "CVE-2016-7160"
},
{
"date": "2016-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Mobile Service disruption on devices (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005723"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-013"
}
],
"trust": 0.6
}
}
VAR-201801-0938
Vulnerability from variot - Updated: 2023-12-18 14:05On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598. Samsung Mobile device software and Exynos The chipset contains a vulnerability related to input validation. Vendors have confirmed this vulnerability SVE-2017-10598 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices is a smart mobile device produced by South Korea's Samsung. AndroidL, M, and N are a set of Linux-based open source operating systems developed jointly by Google and the Open Handheld Device Alliance (OHA). Exynoschipsets is a processor designed and developed by Samsung in South Korea based on ARM architecture. A security vulnerability exists in Samsung mobile devices using AndroidL (5.x), M (6.x) and N (7.x) and Exynos chips. The vulnerability stems from the failure of the program to detect size when copying ramfs data into memory. value. An attacker could exploit this vulnerability to execute arbitrary code in a boot load
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-0938",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices l",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices m",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices n",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18020"
}
]
},
"cve": "CVE-2017-18020",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-18020",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-02569",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-18020",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-18020",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-02569",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-207",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598. Samsung Mobile device software and Exynos The chipset contains a vulnerability related to input validation. Vendors have confirmed this vulnerability SVE-2017-10598 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices is a smart mobile device produced by South Korea\u0027s Samsung. AndroidL, M, and N are a set of Linux-based open source operating systems developed jointly by Google and the Open Handheld Device Alliance (OHA). Exynoschipsets is a processor designed and developed by Samsung in South Korea based on ARM architecture. A security vulnerability exists in Samsung mobile devices using AndroidL (5.x), M (6.x) and N (7.x) and Exynos chips. The vulnerability stems from the failure of the program to detect size when copying ramfs data into memory. value. An attacker could exploit this vulnerability to execute arbitrary code in a boot load",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "CNVD",
"id": "CNVD-2018-02569"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18020",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-02569",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"id": "VAR-201801-0938",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
}
]
},
"last_update_date": "2023-12-18T14:05:35.756000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SMR-DEC-2017 (SVE-2017-10598)",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Samsung mobile device arbitrary code execution vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/115479"
},
{
"title": "Samsung Mobile device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77522"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "NVD",
"id": "CVE-2017-18020"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18020"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18020"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"date": "2018-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"date": "2018-01-04T06:29:00.263000",
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"date": "2018-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02569"
},
{
"date": "2018-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012051"
},
{
"date": "2018-02-01T18:11:18.347000",
"db": "NVD",
"id": "CVE-2017-18020"
},
{
"date": "2018-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Mobile device software and Exynos Chipset input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012051"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-207"
}
],
"trust": 0.6
}
}
VAR-201803-1876
Vulnerability from variot - Updated: 2023-12-18 14:05On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. Samsung Mobile device software contains an input validation vulnerability. Vendors have confirmed this vulnerability SVE-2017-11105 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea's Samsung (Samsung) company's smart mobile devices. AndroidL, M, and N are both Linux-based open source operating systems developed by Google and the Open Handheld Alliance (OHA). Gallery is one of the open source image management applications. A security vulnerability exists in the Gallery in Samsung mobile devices using the AndroidL (5.x), M (6.0), and N (7.x) versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1876",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 2.4,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "5.x"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "7.x"
},
{
"model": "mobile devices l",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices n",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices m",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9141"
}
]
},
"cve": "CVE-2018-9141",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9141",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-08468",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9141",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9141",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-08468",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-061",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. Samsung Mobile device software contains an input validation vulnerability. Vendors have confirmed this vulnerability SVE-2017-11105 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea\u0027s Samsung (Samsung) company\u0027s smart mobile devices. AndroidL, M, and N are both Linux-based open source operating systems developed by Google and the Open Handheld Alliance (OHA). Gallery is one of the open source image management applications. A security vulnerability exists in the Gallery in Samsung mobile devices using the AndroidL (5.x), M (6.0), and N (7.x) versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "CNVD",
"id": "CNVD-2018-08468"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9141",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-08468",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"id": "VAR-201803-1876",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
}
]
},
"last_update_date": "2023-12-18T14:05:29.672000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Updates",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Samsung mobile device Gallery random code execution vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/127505"
},
{
"title": "Samsung Mobile devices Gallery Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82928"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "NVD",
"id": "CVE-2018-9141"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9141"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9141"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"date": "2018-03-30T08:29:00.743000",
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08468"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003405"
},
{
"date": "2018-04-19T17:26:39.860000",
"db": "NVD",
"id": "CVE-2018-9141"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Vulnerability related to input validation in mobile device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003405"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-061"
}
],
"trust": 0.6
}
}
VAR-201702-0392
Vulnerability from variot - Updated: 2023-12-18 14:01Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. Samsung Mobile Phone is a smart phone released by Samsung in South Korea. An attacker could use this vulnerability to cause a denial of service. The following products and versions are affected: Samsung Mobile Phones 4.4, 5.0, 5.1. Remote attackers can exploit this issue to cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0392",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "android phone",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "BID",
"id": "90104"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4546"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vinc3nt4H of Alibaba Mobile Security Team",
"sources": [
{
"db": "BID",
"id": "90104"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
}
],
"trust": 0.9
},
"cve": "CVE-2016-4546",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4546",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-05517",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-02880",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4546",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4546",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-05517",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-02880",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-158",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. Samsung Mobile Phone is a smart phone released by Samsung in South Korea. An attacker could use this vulnerability to cause a denial of service. The following products and versions are affected: Samsung Mobile Phones 4.4, 5.0, 5.1. \nRemote attackers can exploit this issue to cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
},
{
"db": "BID",
"id": "90104"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4546",
"trust": 3.3
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/05/06/1",
"trust": 2.4
},
{
"db": "BID",
"id": "90104",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-05517",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2016-02880",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-158",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "BID",
"id": "90104"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"id": "VAR-201702-0392",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
}
],
"trust": 2.2
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
}
]
},
"last_update_date": "2023-12-18T14:01:41.328000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2015-5133: IAndroidShm IAPAService service DoS",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2016"
},
{
"title": "SamsungMobilePhones denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/79789"
},
{
"title": "Samsumgandroidphone denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/75390"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "NVD",
"id": "CVE-2016-4546"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.openwall.com/lists/oss-security/2016/05/06/1"
},
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2016"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/90104"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4546"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4546"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2016/q2/253"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "BID",
"id": "90104"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"db": "BID",
"id": "90104"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"date": "2016-05-05T00:00:00",
"db": "BID",
"id": "90104"
},
{
"date": "2017-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"date": "2017-02-13T18:59:00.550000",
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"date": "2016-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-580"
},
{
"date": "2015-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02880"
},
{
"date": "2017-03-07T02:06:00",
"db": "BID",
"id": "90104"
},
{
"date": "2017-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007541"
},
{
"date": "2017-02-16T13:39:25.337000",
"db": "NVD",
"id": "CVE-2016-4546"
},
{
"date": "2016-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-580"
},
{
"date": "2016-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Mobile Phones Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05517"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-580"
}
],
"trust": 0.6
}
}
VAR-201801-1361
Vulnerability from variot - Updated: 2023-12-18 13:57On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733. Samsung Mobile device software contains a buffer error vulnerability. Vendors have confirmed this vulnerability SVE-2017-10733 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AndroidL, M, and N are a set of Linux-based open source operating systems developed jointly by Google and the Open Handheld Device Alliance (OHA). Exynoschipsets is a processor designed and developed by Samsung in South Korea based on ARM architecture. An attacker could exploit the vulnerability to execute arbitrary code and obtain PIN, password, or mode information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1361",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "7.*"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5210"
}
]
},
"cve": "CVE-2018-5210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-5210",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-02506",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5210",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5210",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-02506",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-202",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733. Samsung Mobile device software contains a buffer error vulnerability. Vendors have confirmed this vulnerability SVE-2017-10733 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AndroidL, M, and N are a set of Linux-based open source operating systems developed jointly by Google and the Open Handheld Device Alliance (OHA). Exynoschipsets is a processor designed and developed by Samsung in South Korea based on ARM architecture. An attacker could exploit the vulnerability to execute arbitrary code and obtain PIN, password, or mode information",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "CNVD",
"id": "CNVD-2018-02506"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5210",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-02506",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"id": "VAR-201801-1361",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
}
]
},
"last_update_date": "2023-12-18T13:57:08.444000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2017-10733",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Samsung Mobile Device Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/115241"
},
{
"title": "Samsung Fixes for mobile device buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77517"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "NVD",
"id": "CVE-2018-5210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5210"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5210"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"date": "2018-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"date": "2018-01-04T06:29:00.497000",
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"date": "2018-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02506"
},
{
"date": "2018-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001364"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2018-5210"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Buffer error vulnerability in mobile device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001364"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-202"
}
],
"trust": 0.6
}
}
VAR-201803-1878
Vulnerability from variot - Updated: 2023-12-18 13:57On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. Samsung Mobile device software contains a buffer error vulnerability. Vendors have confirmed this vulnerability SVE-2017-10991 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea's Samsung (Samsung) company's smart mobile devices. Both AndroidM and N are Linux-based versions of the open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). Sensorhubbinderservice is one of the processing services for sensors and hubs. An attacker could exploit the vulnerability to execute code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1878",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 2.4,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "7.x"
},
{
"model": "mobile devices m",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile devices n",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9143"
}
]
},
"cve": "CVE-2018-9143",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9143",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-08471",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9143",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9143",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-08471",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-059",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-9143",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. Samsung Mobile device software contains a buffer error vulnerability. Vendors have confirmed this vulnerability SVE-2017-10991 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea\u0027s Samsung (Samsung) company\u0027s smart mobile devices. Both AndroidM and N are Linux-based versions of the open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). Sensorhubbinderservice is one of the processing services for sensors and hubs. An attacker could exploit the vulnerability to execute code",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "VULMON",
"id": "CVE-2018-9143"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9143",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-08471",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-9143",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"id": "VAR-201803-1878",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
}
]
},
"last_update_date": "2023-12-18T13:57:05.609000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Updates",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Samsung mobile device sensorhubbinder service buffer error vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/127497"
},
{
"title": "Samsung Mobile devices sensorhub binder Repair of service buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82926"
},
{
"title": "bindump4j",
"trust": 0.1,
"url": "https://github.com/flankerhqd/bindump4j "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "NVD",
"id": "CVE-2018-9143"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9143"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9143"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/flankerhqd/bindump4j"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"date": "2018-03-30T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"date": "2018-03-30T08:29:00.853000",
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08471"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9143"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003407"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2018-9143"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Buffer error vulnerability in mobile device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003407"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-059"
}
],
"trust": 0.6
}
}
VAR-201803-1877
Vulnerability from variot - Updated: 2023-12-18 13:52On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932. Samsung Mobile device software contains an input validation vulnerability. Vendors have confirmed this vulnerability SVE-2017-10932 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea's Samsung (Samsung) company's smart mobile devices. AndroidN is a Linux-based open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). A security vulnerability exists in the AndroidN (7.x) version of the Samsung mobile device that caused the program to fail to properly verify the package signature and name. An attacker could exploit this vulnerability to install any APK on the SecureFolderSDCard zone
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1877",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "7.x"
},
{
"model": "mobile devices n",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9142"
}
]
},
"cve": "CVE-2018-9142",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9142",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-08469",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9142",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9142",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-08469",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-060",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932. Samsung Mobile device software contains an input validation vulnerability. Vendors have confirmed this vulnerability SVE-2017-10932 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea\u0027s Samsung (Samsung) company\u0027s smart mobile devices. AndroidN is a Linux-based open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). A security vulnerability exists in the AndroidN (7.x) version of the Samsung mobile device that caused the program to fail to properly verify the package signature and name. An attacker could exploit this vulnerability to install any APK on the SecureFolderSDCard zone",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "CNVD",
"id": "CNVD-2018-08469"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9142",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-08469",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"id": "VAR-201803-1877",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
}
]
},
"last_update_date": "2023-12-18T13:52:43.101000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Updates",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Samsung mobile device design vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/127501"
},
{
"title": "Samsung Mobile device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82927"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "NVD",
"id": "CVE-2018-9142"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9142"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9142"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"date": "2018-03-30T08:29:00.790000",
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08469"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003406"
},
{
"date": "2018-04-19T17:26:37.533000",
"db": "NVD",
"id": "CVE-2018-9142"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Vulnerability related to input validation in mobile device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003406"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-060"
}
],
"trust": 0.6
}
}
VAR-201701-0683
Vulnerability from variot - Updated: 2023-12-18 13:48Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917. Vendors have confirmed this vulnerability SVE-2016-6917 It is released as.No permission (zero-permission) Android Service installation disruption by installing applications ( Continuous crash ) There is a possibility of being put into a state. SamsungAndroid is a series of Android smartphones from South Korea's Samsung. There is a security hole in the SamsungAndroid device. An attacker could exploit the vulnerability with a specially crafted resource profile to cause a system crash that could result in a denial of service. Multiple Samsung Android Mobile Phones are prone to a denial-of-service vulnerability. An attacker can exploit this issue to factory reset the device, resulting in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-0683",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "BID",
"id": "95319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5217"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ryan Johnson and Angelos Stavrou of Kryptowire.",
"sources": [
{
"db": "BID",
"id": "95319"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5217",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-5217",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-00455",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-5217",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5217",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-00455",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-160",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917. Vendors have confirmed this vulnerability SVE-2016-6917 It is released as.No permission (zero-permission) Android Service installation disruption by installing applications ( Continuous crash ) There is a possibility of being put into a state. SamsungAndroid is a series of Android smartphones from South Korea\u0027s Samsung. There is a security hole in the SamsungAndroid device. An attacker could exploit the vulnerability with a specially crafted resource profile to cause a system crash that could result in a denial of service. Multiple Samsung Android Mobile Phones are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to factory reset the device, resulting in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "BID",
"id": "95319"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5217",
"trust": 3.3
},
{
"db": "BID",
"id": "95319",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-00455",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "BID",
"id": "95319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"id": "VAR-201701-0683",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
}
]
},
"last_update_date": "2023-12-18T13:48:41.764000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-6917: Forcing factory resets with a large manifest file on Samsung Android Devices",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"title": "Patches for multiple Samsung Android MobilePhones denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88003"
},
{
"title": "Samsung Android Repair measures for device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66888"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
},
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "NVD",
"id": "CVE-2017-5217"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/95319"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5217"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5217"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "BID",
"id": "95319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"db": "BID",
"id": "95319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"date": "2017-01-09T00:00:00",
"db": "BID",
"id": "95319"
},
{
"date": "2017-01-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"date": "2017-01-09T08:59:00.247000",
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"date": "2017-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00455"
},
{
"date": "2017-01-12T01:10:00",
"db": "BID",
"id": "95319"
},
{
"date": "2017-01-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001051"
},
{
"date": "2017-01-11T02:59:12.870000",
"db": "NVD",
"id": "CVE-2017-5217"
},
{
"date": "2017-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific Samsung Android Device software Android OS of system_server Service disruption in the process (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001051"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-160"
}
],
"trust": 0.6
}
}
VAR-201701-0790
Vulnerability from variot - Updated: 2023-12-18 13:48Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. Samsung Note There is a vulnerability in the device software that can cause a system crash. SamsungNote is a smartphone released by South Korea's Samsung. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the system, resulting in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-0790",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile phones",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "BID",
"id": "95418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5351"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yaoguang Chen of Ant-financial Light-Year Security Lab",
"sources": [
{
"db": "BID",
"id": "95418"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5351",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-5351",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-00581",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-5351",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5351",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-00581",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-308",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-5351",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "VULMON",
"id": "CVE-2017-5351"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. Samsung Note There is a vulnerability in the device software that can cause a system crash. SamsungNote is a smartphone released by South Korea\u0027s Samsung. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the system, resulting in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "BID",
"id": "95418"
},
{
"db": "VULMON",
"id": "CVE-2017-5351"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5351",
"trust": 3.4
},
{
"db": "BID",
"id": "95418",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-00581",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-5351",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "VULMON",
"id": "CVE-2017-5351"
},
{
"db": "BID",
"id": "95418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"id": "VAR-201701-0790",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
}
]
},
"last_update_date": "2023-12-18T13:48:41.649000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-7650: VR Service Security Issue",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"title": "Patch for SamsungNote Denial of Service Vulnerability (CNVD-2017-00581)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88116"
},
{
"title": "Samsung Note Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66972"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "NVD",
"id": "CVE-2017-5351"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/95418"
},
{
"trust": 2.0,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5351"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5351"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "VULMON",
"id": "CVE-2017-5351"
},
{
"db": "BID",
"id": "95418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"db": "VULMON",
"id": "CVE-2017-5351"
},
{
"db": "BID",
"id": "95418"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"date": "2017-01-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5351"
},
{
"date": "2017-01-12T00:00:00",
"db": "BID",
"id": "95418"
},
{
"date": "2017-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"date": "2017-01-12T06:59:00.467000",
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00581"
},
{
"date": "2017-01-27T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5351"
},
{
"date": "2017-01-23T04:05:00",
"db": "BID",
"id": "95418"
},
{
"date": "2017-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001058"
},
{
"date": "2017-01-27T18:45:29.740000",
"db": "NVD",
"id": "CVE-2017-5351"
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note Vulnerabilities that cause system crashes in device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001058"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-308"
}
],
"trust": 0.6
}
}
VAR-201702-0393
Vulnerability from variot - Updated: 2023-12-18 13:39Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. Samsumgandroidphone is a series of mobile phones based on the Android platform. The Samsumgandroid system service failed to handle exceptions correctly, allowing local attackers to conduct denial of service attacks by sending malicious service commands. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0393",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "android phone",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "BID",
"id": "96360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4547"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vinc3nt4H of Alibaba Mobile Security Team.",
"sources": [
{
"db": "BID",
"id": "96360"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4547",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4547",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-02879",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4547",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4547",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-02879",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-159",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. Samsumgandroidphone is a series of mobile phones based on the Android platform. The Samsumgandroid system service failed to handle exceptions correctly, allowing local attackers to conduct denial of service attacks by sending malicious service commands. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "BID",
"id": "96360"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4547",
"trust": 3.3
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/05/06/2",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-02879",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-159",
"trust": 0.6
},
{
"db": "BID",
"id": "96360",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "BID",
"id": "96360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"id": "VAR-201702-0393",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
}
]
},
"last_update_date": "2023-12-18T13:39:04.457000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-5134: TvoutService_C service DoS",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-feb-2016"
},
{
"title": "Patch for Samsumgandroidphone Denial of Service Vulnerability (CNVD-2016-02879)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/75391"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "NVD",
"id": "CVE-2016-4547"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.openwall.com/lists/oss-security/2016/05/06/2"
},
{
"trust": 1.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-feb-2016"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4547"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4547"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.3,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-feb-2017"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "BID",
"id": "96360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"db": "BID",
"id": "96360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"date": "2017-02-13T00:00:00",
"db": "BID",
"id": "96360"
},
{
"date": "2017-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"date": "2017-02-13T18:59:00.597000",
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"date": "2015-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02879"
},
{
"date": "2017-03-07T02:06:00",
"db": "BID",
"id": "96360"
},
{
"date": "2017-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007542"
},
{
"date": "2017-02-16T13:40:22.777000",
"db": "NVD",
"id": "CVE-2016-4547"
},
{
"date": "2016-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android Equipped Samsung Service operation interruption in device products (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007542"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-159"
}
],
"trust": 0.6
}
}
VAR-201803-1874
Vulnerability from variot - Updated: 2023-12-18 13:19On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. Samsung Mobile device software contains a buffer error vulnerability. Vendors have confirmed this vulnerability SVE-2017-11165 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea's Samsung (Samsung) company's smart mobile devices. AndroidN is a Linux-based open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). An attacker could exploit the vulnerability to execute code with a large frame value
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1874",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "7.x"
},
{
"model": "mobile devices n",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9139"
}
]
},
"cve": "CVE-2018-9139",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-9139",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-08465",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9139",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9139",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-08465",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-063",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-9139",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. Samsung Mobile device software contains a buffer error vulnerability. Vendors have confirmed this vulnerability SVE-2017-11165 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsungmobiledevices and so on are all released by South Korea\u0027s Samsung (Samsung) company\u0027s smart mobile devices. AndroidN is a Linux-based open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). An attacker could exploit the vulnerability to execute code with a large frame value",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "VULMON",
"id": "CVE-2018-9139"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9139",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-08465",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-9139",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"id": "VAR-201803-1874",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
}
]
},
"last_update_date": "2023-12-18T13:19:10.440000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Updates",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Patch for Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2018-08465)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/127519"
},
{
"title": "Samsung Fixes for mobile device buffer error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82930"
},
{
"title": "bindump4j",
"trust": 0.1,
"url": "https://github.com/flankerhqd/bindump4j "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "NVD",
"id": "CVE-2018-9139"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9139"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9139"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/flankerhqd/bindump4j"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"date": "2018-03-30T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"date": "2018-03-30T08:29:00.620000",
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08465"
},
{
"date": "2018-04-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-9139"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003403"
},
{
"date": "2018-04-19T17:27:12.567000",
"db": "NVD",
"id": "CVE-2018-9139"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Buffer error vulnerability in mobile device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003403"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-063"
}
],
"trust": 0.6
}
}
VAR-201410-1185
Vulnerability from variot - Updated: 2023-12-18 13:14The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic. Remote Controls feature on Samsung mobile devices is a remote control feature used by Samsung in South Korea for Samsung mobile devices. Mobile is prone to a denial-of-service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201410-1185",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "findmymobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.3,
"vendor": "samsung",
"version": null
},
{
"model": "find my mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mmobile",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"db": "BID",
"id": "77794"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samsung:findmymobile:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:mobile:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8346"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "77794"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8346",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-8346",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-07561",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8346",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-07561",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-1292",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic. Remote Controls feature on Samsung mobile devices is a remote control feature used by Samsung in South Korea for Samsung mobile devices. Mobile is prone to a denial-of-service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"db": "BID",
"id": "77794"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8346",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-07561",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1292",
"trust": 0.6
},
{
"db": "BID",
"id": "77794",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"db": "BID",
"id": "77794"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"id": "VAR-201410-1185",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
}
]
},
"last_update_date": "2023-12-18T13:14:44.326000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://content.samsung.com/jp/main.do"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "NVD",
"id": "CVE-2014-8346"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.youtube.com/watch?v=q3adkpoejyi"
},
{
"trust": 2.7,
"url": "https://www.youtube.com/watch?v=yufuoyqodoy"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8346"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8346"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"db": "BID",
"id": "77794"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"db": "BID",
"id": "77794"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"date": "2014-10-24T00:00:00",
"db": "BID",
"id": "77794"
},
{
"date": "2014-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"date": "2014-10-24T10:55:05.133000",
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"date": "2014-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07561"
},
{
"date": "2014-10-24T00:00:00",
"db": "BID",
"id": "77794"
},
{
"date": "2014-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005070"
},
{
"date": "2014-10-24T14:24:35.290000",
"db": "NVD",
"id": "CVE-2014-8346"
},
{
"date": "2014-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Mobile device Remote Controls Service disruption in functionality (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005070"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1292"
}
],
"trust": 0.6
}
}
VAR-201702-0012
Vulnerability from variot - Updated: 2023-12-18 13:08Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. Samsumgandroidphone is a series of mobile phones based on the Android platform developed by South Korea's Samsung. There is a memory corruption vulnerability in the smsm_sensor_config' function in the v4l-subdev driver of samsumgandroidphone. This vulnerability is caused by the failure to perform boundary checking when the program writes gpio_config.gpio_name as an index to the buffer. An attacker could exploit this vulnerability to cause memory corruption. Samsung is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "apq8084",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8974",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8974pro",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "samsumg android phone",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:msm8974:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:samsung:apq8084:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:samsung:msm8974pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Berry Cheng.",
"sources": [
{
"db": "BID",
"id": "86366"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4038",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-4038",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-02627",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4038",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4038",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-02627",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-370",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. Samsumgandroidphone is a series of mobile phones based on the Android platform developed by South Korea\u0027s Samsung. There is a memory corruption vulnerability in the smsm_sensor_config\u0027 function in the v4l-subdev driver of samsumgandroidphone. This vulnerability is caused by the failure to perform boundary checking when the program writes gpio_config.gpio_name as an index to the buffer. An attacker could exploit this vulnerability to cause memory corruption. Samsung is prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4038",
"trust": 3.3
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/04/18/8",
"trust": 3.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/04/17/2",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-02627",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370",
"trust": 0.6
},
{
"db": "BID",
"id": "86366",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"id": "VAR-201702-0012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
}
]
},
"last_update_date": "2023-12-18T13:08:59.349000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2015-4958: msm_sensor_config security issues",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2016"
},
{
"title": "Samsumgandroidphonev4l-subdev driver memory corruption vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/74785"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.openwall.com/lists/oss-security/2016/04/18/8"
},
{
"trust": 1.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2016"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/04/17/2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4038"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4038"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"db": "BID",
"id": "86366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"date": "2016-04-17T00:00:00",
"db": "BID",
"id": "86366"
},
{
"date": "2017-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"date": "2017-02-01T15:59:00.223000",
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"date": "2016-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02627"
},
{
"date": "2016-04-17T00:00:00",
"db": "BID",
"id": "86366"
},
{
"date": "2017-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007853"
},
{
"date": "2017-03-04T23:06:33.777000",
"db": "NVD",
"id": "CVE-2016-4038"
},
{
"date": "2017-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "With certain Qualcomm chipsets Android Equipped with Samsung Device vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007853"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-370"
}
],
"trust": 0.6
}
}
VAR-201611-0321
Vulnerability from variot - Updated: 2023-12-18 13:03The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343. SamsungMobile is a series of smart mobile devices released by South Korea's Samsung. Multiple Samsung Galaxy products are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Samsung Galaxy devices with Marshmallow 6.0 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0321",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 2.2,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s7",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s6 edge",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s5",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s4 mini",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s4",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "BID",
"id": "94494"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9567"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhaozhanpeng of Cheetah Mobile.",
"sources": [
{
"db": "BID",
"id": "94494"
}
],
"trust": 0.3
},
"cve": "CVE-2016-9567",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-9567",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-11551",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-9567",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9567",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11551",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-532",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device\u0027s screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343. SamsungMobile is a series of smart mobile devices released by South Korea\u0027s Samsung. Multiple Samsung Galaxy products are prone to a security-bypass vulnerability. \nAn attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nSamsung Galaxy devices with Marshmallow 6.0 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "BID",
"id": "94494"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9567",
"trust": 3.3
},
{
"db": "BID",
"id": "94494",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11551",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "BID",
"id": "94494"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"id": "VAR-201611-0321",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
}
],
"trust": 1.09932456
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
}
]
},
"last_update_date": "2023-12-18T13:03:12.619000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-6343",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"title": "SamsungMobileS7 Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84438"
},
{
"title": "Samsung Mobile S7 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65867"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "NVD",
"id": "CVE-2016-9567"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/94494"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9567"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9567"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "BID",
"id": "94494"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "BID",
"id": "94494"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"date": "2016-11-23T00:00:00",
"db": "BID",
"id": "94494"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"date": "2016-11-23T11:59:02.873000",
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"date": "2016-11-24T00:17:00",
"db": "BID",
"id": "94494"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005939"
},
{
"date": "2016-11-29T18:05:12.090000",
"db": "NVD",
"id": "CVE-2016-9567"
},
{
"date": "2016-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Mobile S7 Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11551"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-532"
}
],
"trust": 0.6
}
}
VAR-201706-0020
Vulnerability from variot - Updated: 2023-12-18 13:03Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). The Samsung Galaxy S6 is a smartphone released by South Korea's Samsung. An attacker could exploit the vulnerability to crash a device and refuse to serve legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0020",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "galaxy s6",
"scope": null,
"trust": 1.4,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "*"
},
{
"model": "mobile",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"db": "BID",
"id": "77429"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7895"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Natashenka",
"sources": [
{
"db": "BID",
"id": "77429"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7895",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7895",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-08538",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7895",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7895",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-08538",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-675",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). The Samsung Galaxy S6 is a smartphone released by South Korea\u0027s Samsung. An attacker could exploit the vulnerability to crash a device and refuse to serve legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"db": "BID",
"id": "77429"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7895",
"trust": 3.3
},
{
"db": "BID",
"id": "77429",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "38613",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "134950",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-08538",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"db": "BID",
"id": "77429"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"id": "VAR-201706-0020",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
}
],
"trust": 1.10842494
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
}
]
},
"last_update_date": "2023-12-18T13:03:02.140000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Issue 497",
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=497\u0026redir=1"
},
{
"title": "Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge",
"trust": 0.8,
"url": "https://googleprojectzero.blogspot.jp/2015/11/hack-galaxy-hunting-bugs-in-samsung.html"
},
{
"title": "Samsung Galaxy",
"trust": 0.8,
"url": "http://www.galaxymobile.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "NVD",
"id": "CVE-2015-7895"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/77429"
},
{
"trust": 1.9,
"url": "https://googleprojectzero.blogspot.ie/2015/11/hack-galaxy-hunting-bugs-in-samsung.html"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/134950/samsung-galaxy-s6-samsung-gallery-bitmap-decoding-crash.html"
},
{
"trust": 1.6,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=497\u0026redir=1"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/38613/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7895"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7895"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.3,
"url": "https://code.google.com/p/google-security-research/issues/detail?id=497"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"db": "BID",
"id": "77429"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"db": "BID",
"id": "77429"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"date": "2015-11-02T00:00:00",
"db": "BID",
"id": "77429"
},
{
"date": "2017-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"date": "2017-06-27T20:29:00.697000",
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"date": "2015-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08538"
},
{
"date": "2015-11-02T00:00:00",
"db": "BID",
"id": "77429"
},
{
"date": "2017-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007617"
},
{
"date": "2017-07-03T17:45:01.247000",
"db": "NVD",
"id": "CVE-2015-7895"
},
{
"date": "2017-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Galaxy S6 of Samsung Gallery Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007617"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-675"
}
],
"trust": 0.6
}
}
VAR-201803-1875
Vulnerability from variot - Updated: 2023-12-18 13:02On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747. Samsung Mobile device software contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability SVE-2017-10747 It is released as.Information may be obtained and information may be altered. Samsungmobiledevices and so on are all released by South Korea's Samsung (Samsung) company's smart mobile devices. AndroidM is a Linux-based open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). Emailapplication is one of the email applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1875",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 2.4,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile devices m",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9140"
}
]
},
"cve": "CVE-2018-9140",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-9140",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-08464",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-9140",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9140",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-08464",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-062",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747. Samsung Mobile device software contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability SVE-2017-10747 It is released as.Information may be obtained and information may be altered. Samsungmobiledevices and so on are all released by South Korea\u0027s Samsung (Samsung) company\u0027s smart mobile devices. AndroidM is a Linux-based open source operating system jointly developed by Google and the Open Handheld Device Alliance (OHA). Emailapplication is one of the email applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "CNVD",
"id": "CNVD-2018-08464"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9140",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-08464",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"id": "VAR-201803-1875",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
}
]
},
"last_update_date": "2023-12-18T13:02:42.232000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Updates",
"trust": 0.8,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"title": "Samsung mobile device Email application cross-site scripting vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/127523"
},
{
"title": "Samsung Mobile devices Email Fixes for application security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82929"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "NVD",
"id": "CVE-2018-9140"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://security.samsungmobile.com/securityupdate.smsb"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9140"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9140"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"date": "2018-03-30T08:29:00.683000",
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08464"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003404"
},
{
"date": "2018-04-19T17:26:41.847000",
"db": "NVD",
"id": "CVE-2018-9140"
},
{
"date": "2018-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Cross-site scripting vulnerability in mobile device software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003404"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-062"
}
],
"trust": 0.6
}
}
VAR-201701-1094
Vulnerability from variot - Updated: 2023-12-18 12:57The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736. Samsung MobilePhone is a smartphone released by South Korea's Samsung. An information disclosure vulnerability and a denial of service vulnerability exist in Samsung MobilePhone. An attacker could exploit these vulnerabilities to gain denial of service or access to unauthorized information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-1094",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "exynos fimg2d driver",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "exynos",
"scope": "eq",
"trust": 0.9,
"vendor": "samsung",
"version": "5400"
},
{
"model": "exynos",
"scope": "eq",
"trust": 0.9,
"vendor": "samsung",
"version": "5433"
},
{
"model": "exynos",
"scope": "eq",
"trust": 0.9,
"vendor": "samsung",
"version": "7420"
},
{
"model": "exynos fimg2d driver",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samsung:exynos_fimg2d_driver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9278"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Fang and Anthony LAOU HINE TSUEI of Tencent Keen Lab.",
"sources": [
{
"db": "BID",
"id": "94283"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
],
"trust": 0.9
},
"cve": "CVE-2016-9278",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-9278",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-11377",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-9278",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9278",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11377",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-371",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736. Samsung MobilePhone is a smartphone released by South Korea\u0027s Samsung. An information disclosure vulnerability and a denial of service vulnerability exist in Samsung MobilePhone. An attacker could exploit these vulnerabilities to gain denial of service or access to unauthorized information",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "BID",
"id": "94283"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9278",
"trust": 3.3
},
{
"db": "BID",
"id": "94283",
"trust": 2.5
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/11/09/3",
"trust": 1.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/11/11/11",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11377",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"id": "VAR-201701-1094",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
}
],
"trust": 1.0642857000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
}
]
},
"last_update_date": "2023-12-18T12:57:30.292000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SMR-NOV-2016 (SVE-2016-6736: Kernel Crash on /dev/fimg2d ioctl command)",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"title": "SamsungMobilePhones has multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84148"
},
{
"title": "Samsung Mobile Phone Fixes for information disclosure vulnerabilities and denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65730"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "NVD",
"id": "CVE-2016-9278"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/94283"
},
{
"trust": 1.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/11/09/3"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/11/11/11"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9278"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9278"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.3,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-sep-2016"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"date": "2016-11-09T00:00:00",
"db": "BID",
"id": "94283"
},
{
"date": "2017-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"date": "2017-01-18T17:59:01.230000",
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"date": "2016-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11377"
},
{
"date": "2016-11-24T01:09:00",
"db": "BID",
"id": "94283"
},
{
"date": "2017-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006969"
},
{
"date": "2017-04-25T01:59:00.687000",
"db": "NVD",
"id": "CVE-2016-9278"
},
{
"date": "2017-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Exynos With a specific chipset Android for Exynos fimg2d Service disruption in drivers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006969"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-371"
}
],
"trust": 0.6
}
}
VAR-201701-1095
Vulnerability from variot - Updated: 2023-12-18 12:57Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853. Samsung MobilePhone is a smartphone released by South Korea's Samsung. An information disclosure vulnerability and a denial of service vulnerability exist in Samsung MobilePhone. An attacker could exploit these vulnerabilities to gain denial of service or access to unauthorized information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-1095",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "exynos fimg2d driver",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "exynos",
"scope": "eq",
"trust": 0.9,
"vendor": "samsung",
"version": "5400"
},
{
"model": "exynos",
"scope": "eq",
"trust": 0.9,
"vendor": "samsung",
"version": "5433"
},
{
"model": "exynos",
"scope": "eq",
"trust": 0.9,
"vendor": "samsung",
"version": "7420"
},
{
"model": "exynos fimg2d driver",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samsung:exynos_fimg2d_driver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9279"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Fang and Anthony LAOU HINE TSUEI of Tencent Keen Lab.",
"sources": [
{
"db": "BID",
"id": "94283"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
],
"trust": 0.9
},
"cve": "CVE-2016-9279",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-9279",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-11378",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-9279",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9279",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-11378",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-372",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853. Samsung MobilePhone is a smartphone released by South Korea\u0027s Samsung. An information disclosure vulnerability and a denial of service vulnerability exist in Samsung MobilePhone. An attacker could exploit these vulnerabilities to gain denial of service or access to unauthorized information",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "BID",
"id": "94283"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9279",
"trust": 3.3
},
{
"db": "BID",
"id": "94283",
"trust": 2.5
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/11/09/3",
"trust": 1.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/11/11/11",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11378",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"id": "VAR-201701-1095",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
}
],
"trust": 1.0642857000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
}
]
},
"last_update_date": "2023-12-18T12:57:30.261000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SMR-NOV-2016 (SVE-2016-6853: Use After Free in /dev/fimg2d)",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"title": "Samsung MobilePhones has multiple bugs (CNVD-2016-11378) patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84149"
},
{
"title": "Samsung Mobile Phone Fixes for information disclosure vulnerabilities and denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65731"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "NVD",
"id": "CVE-2016-9279"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/94283"
},
{
"trust": 1.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/11/09/3"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/11/11/11"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9279"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9279"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.3,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-sep-2016"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"db": "BID",
"id": "94283"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"date": "2016-11-09T00:00:00",
"db": "BID",
"id": "94283"
},
{
"date": "2017-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"date": "2017-01-18T17:59:01.263000",
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"date": "2016-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11378"
},
{
"date": "2016-11-24T01:09:00",
"db": "BID",
"id": "94283"
},
{
"date": "2017-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006970"
},
{
"date": "2017-04-25T01:59:00.733000",
"db": "NVD",
"id": "CVE-2016-9279"
},
{
"date": "2017-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Exynos With a specific chipset Android for Exynos fimg2d Vulnerabilities in which important information is obtained in drivers",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006970"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-372"
}
],
"trust": 0.6
}
}
VAR-201701-0191
Vulnerability from variot - Updated: 2023-12-18 12:51The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. Samsung MobilePhone is a smartphone released by Samsung in South Korea. Samsung MobilePhone has a security vulnerability that allows a local attacker to exploit this vulnerability to increase privileges. Samsung Android Phone is prone to multiple privilege-escalation vulnerabilities. Attackers can exploit these issues gain elevated privileges. Samsung Mobile Phones running Android versions L 5.0, L 5.1 and M 6.0 are vulnerable. Description of the potential vulnerability: Severity: Medium Affected versions: L(5.0/5.1), M(6.0) Reported on: May 11, 2016 Disclosure status: Privately disclosed.
Fix: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 SVE-2016-6242: Possible Privilege Escalation in telecom
Description of the potential vulnerability: Severity: Medium Affected versions: L(5.0/5.1), M(6.0) Reported on: May 11, 2016 Disclosure status: Privately disclosed.
Fix: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 SVE-2016-6244: Possible Privilege Escalation in telecom
Sincerely, Zhaozhanpeng(0xr0ot)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-0191",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile phones",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "android m",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "android l",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "android l",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "5.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "BID",
"id": "92330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6526"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhaozhanpeng of Cheetah Mobile.",
"sources": [
{
"db": "BID",
"id": "92330"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
],
"trust": 0.9
},
"cve": "CVE-2016-6526",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-6526",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-06365",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6526",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6526",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-06365",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-255",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. Samsung MobilePhone is a smartphone released by Samsung in South Korea. Samsung MobilePhone has a security vulnerability that allows a local attacker to exploit this vulnerability to increase privileges. Samsung Android Phone is prone to multiple privilege-escalation vulnerabilities. \nAttackers can exploit these issues gain elevated privileges. \nSamsung Mobile Phones running Android versions L 5.0, L 5.1 and M 6.0 are vulnerable. Description of the potential vulnerability:\nSeverity: Medium\nAffected versions: L(5.0/5.1), M(6.0)\nReported on: May 11, 2016\nDisclosure status: Privately disclosed. \n\nFix:\nhttp://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016\nSVE-2016-6242: Possible Privilege Escalation in telecom\n\nDescription of the potential vulnerability:\nSeverity: Medium\nAffected versions: L(5.0/5.1), M(6.0)\nReported on: May 11, 2016\nDisclosure status: Privately disclosed. \n\nFix:\nhttp://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016\nSVE-2016-6244: Possible Privilege Escalation in telecom\n\nSincerely,\nZhaozhanpeng(0xr0ot)\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "BID",
"id": "92330"
},
{
"db": "PACKETSTORM",
"id": "138201"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6526",
"trust": 3.4
},
{
"db": "BID",
"id": "92330",
"trust": 2.5
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/08/05/1",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-06365",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "138201",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "BID",
"id": "92330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "PACKETSTORM",
"id": "138201"
},
{
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"id": "VAR-201701-0191",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
}
]
},
"last_update_date": "2023-12-18T12:51:28.353000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-6242: Possible Privilege Escalation in telecom",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-aug-2016"
},
{
"title": "SamsungMobilePhone privilege escalation vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80480"
},
{
"title": "Samsung Mobile Phone Repair measures for privilege escalation",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63633"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "NVD",
"id": "CVE-2016-6526"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-aug-2016"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2016/08/05/1"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/92330"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6526"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6526"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6526"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6527"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "BID",
"id": "92330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "PACKETSTORM",
"id": "138201"
},
{
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"db": "BID",
"id": "92330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"db": "PACKETSTORM",
"id": "138201"
},
{
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"date": "2016-08-05T00:00:00",
"db": "BID",
"id": "92330"
},
{
"date": "2017-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"date": "2016-08-04T13:03:33",
"db": "PACKETSTORM",
"id": "138201"
},
{
"date": "2017-01-18T17:59:00.387000",
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"date": "2016-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06365"
},
{
"date": "2016-08-05T00:00:00",
"db": "BID",
"id": "92330"
},
{
"date": "2017-01-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006938"
},
{
"date": "2017-01-27T16:05:28.567000",
"db": "NVD",
"id": "CVE-2016-6526"
},
{
"date": "2017-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note Device Telecom Application SpamCall Activity Service disruption in components (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006938"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-255"
}
],
"trust": 0.6
}
}
VAR-201611-0373
Vulnerability from variot - Updated: 2023-12-18 12:44Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. Samsung Note Device SystemUI Contains an integer overflow vulnerability. Vendors have confirmed this vulnerability SVE-2016-6906 It is released as. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. SamsungNote is a smartphone released by South Korea's Samsung. KK is a reactivation lock module that runs in it. Samsung Mobile Phones are prone to a denial-of-service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0373",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "note kk",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "4.4"
},
{
"model": "note l",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "note",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s5",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s4",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "BID",
"id": "94292"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9277"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quhe of Alipay unLimit Security Team.",
"sources": [
{
"db": "BID",
"id": "94292"
}
],
"trust": 0.3
},
"cve": "CVE-2016-9277",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-9277",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-11063",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-9277",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9277",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-11063",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-224",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. Samsung Note Device SystemUI Contains an integer overflow vulnerability. Vendors have confirmed this vulnerability SVE-2016-6906 It is released as. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. SamsungNote is a smartphone released by South Korea\u0027s Samsung. KK is a reactivation lock module that runs in it. Samsung Mobile Phones are prone to a denial-of-service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "BID",
"id": "94292"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9277",
"trust": 3.3
},
{
"db": "BID",
"id": "94292",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11063",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "BID",
"id": "94292"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"id": "VAR-201611-0373",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
}
],
"trust": 1.2433270850000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
}
]
},
"last_update_date": "2023-12-18T12:44:47.974000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-6906",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"title": "Patch for SamsungNote Device Integer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/83866"
},
{
"title": "Samsung Note Fixes for device integer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65594"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "NVD",
"id": "CVE-2016-9277"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-nov-2016"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/94292"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9277"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9277"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "BID",
"id": "94292"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "BID",
"id": "94292"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"date": "2016-11-11T00:00:00",
"db": "BID",
"id": "94292"
},
{
"date": "2016-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"date": "2016-11-11T19:59:00.167000",
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"date": "2016-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"date": "2016-11-24T01:09:00",
"db": "BID",
"id": "94292"
},
{
"date": "2016-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005877"
},
{
"date": "2016-11-29T18:22:11.750000",
"db": "NVD",
"id": "CVE-2016-9277"
},
{
"date": "2016-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note Device Integer Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11063"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-224"
}
],
"trust": 0.6
}
}
VAR-201612-0406
Vulnerability from variot - Updated: 2023-12-18 12:37Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. Vendors have confirmed this vulnerability SVE-2016-7119 It is released as.Denial of service by attacker ( System crash ) It may be put into a state or it may be authorized. SamsungNote is a smartphone released by South Korea's Samsung. Telecom is one of the communication components. Samsung Mobile Phones are prone to multiple denial-of-service vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201612-0406",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "galaxy s7",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s5",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9965"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "94955"
}
],
"trust": 0.3
},
"cve": "CVE-2016-9965",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-9965",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-13011",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-9965",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9965",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-13011",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-569",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. Vendors have confirmed this vulnerability SVE-2016-7119 It is released as.Denial of service by attacker ( System crash ) It may be put into a state or it may be authorized. SamsungNote is a smartphone released by South Korea\u0027s Samsung. Telecom is one of the communication components. Samsung Mobile Phones are prone to multiple denial-of-service vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "BID",
"id": "94955"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9965",
"trust": 3.3
},
{
"db": "BID",
"id": "94955",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-13011",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"id": "VAR-201612-0406",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
}
],
"trust": 1.236477335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
}
]
},
"last_update_date": "2023-12-18T12:37:39.329000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-7119, SVE-2016-7120, and SVE-2016-7121: Possible Privilege Escalation in telecom",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-dec-2016"
},
{
"title": "Patch for SamsungNoteTelecom Denial of Service Vulnerability (CNVD-2016-13011)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/86633"
},
{
"title": "Samsung Note Telecom Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66596"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-388",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "NVD",
"id": "CVE-2016-9965"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-dec-2016"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/94955"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9965"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9965"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"date": "2016-09-13T00:00:00",
"db": "BID",
"id": "94955"
},
{
"date": "2016-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"date": "2016-12-16T09:59:00.403000",
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13011"
},
{
"date": "2016-12-20T00:12:00",
"db": "BID",
"id": "94955"
},
{
"date": "2016-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006405"
},
{
"date": "2016-12-22T18:31:00.920000",
"db": "NVD",
"id": "CVE-2016-9965"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note Device software Telecom Service disruption in applications (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006405"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-569"
}
],
"trust": 0.6
}
}
VAR-201612-0407
Vulnerability from variot - Updated: 2023-12-18 12:37Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. Vendors have confirmed this vulnerability SVE-2016-7120 It is released as.Denial of service by attacker ( System crash ) It may be put into a state or it may be authorized. SamsungNote is a smartphone released by South Korea's Samsung. Telecom is one of the communication components. Samsung Mobile Phones are prone to multiple denial-of-service vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201612-0407",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "galaxy s7",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s5",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9966"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "94955"
}
],
"trust": 0.3
},
"cve": "CVE-2016-9966",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-9966",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-13010",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-9966",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9966",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-13010",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-568",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-9966",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "VULMON",
"id": "CVE-2016-9966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. Vendors have confirmed this vulnerability SVE-2016-7120 It is released as.Denial of service by attacker ( System crash ) It may be put into a state or it may be authorized. SamsungNote is a smartphone released by South Korea\u0027s Samsung. Telecom is one of the communication components. Samsung Mobile Phones are prone to multiple denial-of-service vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "VULMON",
"id": "CVE-2016-9966"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9966",
"trust": 3.4
},
{
"db": "BID",
"id": "94955",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-13010",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-9966",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "VULMON",
"id": "CVE-2016-9966"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"id": "VAR-201612-0407",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
}
],
"trust": 1.236477335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
}
]
},
"last_update_date": "2023-12-18T12:37:39.264000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-7119, SVE-2016-7120, and SVE-2016-7121: Possible Privilege Escalation in telecom",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-dec-2016"
},
{
"title": "Patch for SamsungNoteTelecom Denial of Service Vulnerability (CNVD-2016-13010)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/86632"
},
{
"title": "Samsung Note Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66595"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-388",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "NVD",
"id": "CVE-2016-9966"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-dec-2016"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/94955"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9966"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9966"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/388.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "VULMON",
"id": "CVE-2016-9966"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"db": "VULMON",
"id": "CVE-2016-9966"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"date": "2016-12-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-9966"
},
{
"date": "2016-09-13T00:00:00",
"db": "BID",
"id": "94955"
},
{
"date": "2016-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"date": "2016-12-16T09:59:00.420000",
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13010"
},
{
"date": "2016-12-22T00:00:00",
"db": "VULMON",
"id": "CVE-2016-9966"
},
{
"date": "2016-12-20T00:12:00",
"db": "BID",
"id": "94955"
},
{
"date": "2016-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006406"
},
{
"date": "2016-12-22T18:30:56.717000",
"db": "NVD",
"id": "CVE-2016-9966"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note Device software Telecom Service disruption in applications (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006406"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-568"
}
],
"trust": 0.6
}
}
VAR-201612-0408
Vulnerability from variot - Updated: 2023-12-18 12:37Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121. Vendors have confirmed this vulnerability SVE-2016-7121 It is released as.Denial of service by attacker ( System crash ) It may be put into a state or it may be authorized. SamsungNote is a smartphone released by South Korea's Samsung. Telecom is one of the communication components. Samsung Mobile Phones are prone to multiple denial-of-service vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201612-0408",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "samsungnote",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "galaxy s7",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s5",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9967"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "94955"
}
],
"trust": 0.3
},
"cve": "CVE-2016-9967",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-9967",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-13012",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-9967",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9967",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-13012",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-567",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121. Vendors have confirmed this vulnerability SVE-2016-7121 It is released as.Denial of service by attacker ( System crash ) It may be put into a state or it may be authorized. SamsungNote is a smartphone released by South Korea\u0027s Samsung. Telecom is one of the communication components. Samsung Mobile Phones are prone to multiple denial-of-service vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "BID",
"id": "94955"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9967",
"trust": 3.3
},
{
"db": "BID",
"id": "94955",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-13012",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"id": "VAR-201612-0408",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
}
],
"trust": 1.236477335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
}
]
},
"last_update_date": "2023-12-18T12:37:39.297000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-7119, SVE-2016-7120, and SVE-2016-7121: Possible Privilege Escalation in telecom",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-dec-2016"
},
{
"title": "SamsungNoteTelecom denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/86635"
},
{
"title": "Samsung Note Telecom Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66594"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-388",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "NVD",
"id": "CVE-2016-9967"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-dec-2016"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/94955"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9967"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9967"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"db": "BID",
"id": "94955"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"date": "2016-09-13T00:00:00",
"db": "BID",
"id": "94955"
},
{
"date": "2016-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"date": "2016-12-16T09:59:00.450000",
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13012"
},
{
"date": "2016-12-20T00:12:00",
"db": "BID",
"id": "94955"
},
{
"date": "2016-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-006407"
},
{
"date": "2016-12-22T18:30:52.403000",
"db": "NVD",
"id": "CVE-2016-9967"
},
{
"date": "2016-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Note Device software Telecom Service disruption in applications (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-006407"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-567"
}
],
"trust": 0.6
}
}
VAR-201708-0035
Vulnerability from variot - Updated: 2023-12-18 12:37LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. Samsung Galaxy S6 Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Samsung LibQjpeg is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.1.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "5.0.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "77425"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7896"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Natashenka",
"sources": [
{
"db": "BID",
"id": "77425"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7896",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7896",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7896",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7896",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-665",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. Samsung Galaxy S6 Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Samsung LibQjpeg is prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "BID",
"id": "77425"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7896",
"trust": 2.7
},
{
"db": "BID",
"id": "77425",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "38612",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "134198",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007814",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "77425"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"id": "VAR-201708-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.50842494
},
"last_update_date": "2023-12-18T12:37:19.219000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Issue 498",
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=498\u0026redir=1"
},
{
"title": "Galaxy S6",
"trust": 0.8,
"url": "http://www.galaxymobile.jp/galaxy-s6/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "NVD",
"id": "CVE-2015-7896"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/134198/samsung-galaxy-s6-libqjpeg-dointegralupsample-crash.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/77425"
},
{
"trust": 1.6,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=498\u0026redir=1"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/38612/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7896"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7896"
},
{
"trust": 0.3,
"url": "https://code.google.com/p/google-security-research/issues/detail?id=498"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "BID",
"id": "77425"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "77425"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-03T00:00:00",
"db": "BID",
"id": "77425"
},
{
"date": "2017-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"date": "2017-08-24T20:29:00.547000",
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"date": "2015-11-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-03T00:00:00",
"db": "BID",
"id": "77425"
},
{
"date": "2017-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007814"
},
{
"date": "2017-10-02T12:23:23.217000",
"db": "NVD",
"id": "CVE-2015-7896"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Galaxy S6 Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007814"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-665"
}
],
"trust": 0.6
}
}
VAR-201706-0021
Vulnerability from variot - Updated: 2023-12-18 12:29Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). The Samsung Galaxy S6 is a smartphone released by South Korea's Samsung. An attacker could exploit a vulnerability to crash an affected application and refuse to serve legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0021",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "galaxy s6",
"scope": null,
"trust": 1.4,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "*"
},
{
"model": "mobile",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s6",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"db": "BID",
"id": "77430"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7898"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Natashenka",
"sources": [
{
"db": "BID",
"id": "77430"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7898",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7898",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-08539",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7898",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7898",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-08539",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-674",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). The Samsung Galaxy S6 is a smartphone released by South Korea\u0027s Samsung. An attacker could exploit a vulnerability to crash an affected application and refuse to serve legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"db": "BID",
"id": "77430"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7898",
"trust": 3.3
},
{
"db": "BID",
"id": "77430",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "38610",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "134951",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-08539",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"db": "BID",
"id": "77430"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"id": "VAR-201706-0021",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
}
],
"trust": 1.10842494
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
}
]
},
"last_update_date": "2023-12-18T12:29:36.015000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Issue 500",
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=500\u0026redir=1"
},
{
"title": "Samsung Galaxy",
"trust": 0.8,
"url": "http://www.galaxymobile.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "NVD",
"id": "CVE-2015-7898"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/77430"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/134951/samsung-galaxy-s6-samsung-gallery-gif-parsing-crash.html"
},
{
"trust": 1.6,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=500\u0026redir=1"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/38610/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7898"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7898"
},
{
"trust": 0.3,
"url": "https://code.google.com/p/google-security-research/issues/detail?id=500\u0026q=samsung"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"db": "BID",
"id": "77430"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"db": "BID",
"id": "77430"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"date": "2015-11-02T00:00:00",
"db": "BID",
"id": "77430"
},
{
"date": "2017-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"date": "2017-06-27T20:29:00.730000",
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"date": "2015-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08539"
},
{
"date": "2015-11-02T00:00:00",
"db": "BID",
"id": "77430"
},
{
"date": "2017-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007618"
},
{
"date": "2017-07-03T17:45:05.750000",
"db": "NVD",
"id": "CVE-2015-7898"
},
{
"date": "2017-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Galaxy S6 of Samsung Gallery Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007618"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-674"
}
],
"trust": 0.6
}
}
VAR-201703-0717
Vulnerability from variot - Updated: 2023-12-18 12:04The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. Vendors have confirmed this vulnerability SVE-2016-6362 It is released as.Attackers can be vulnerable to unspecified effects through processes that trigger out-of-bounds reads. Samsung is an Android smartphone. Samsung has a remote memory corruption vulnerability. An attacker could exploit the vulnerability to execute arbitrary code in an affected application environment. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0717",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "android",
"scope": null,
"trust": 0.6,
"vendor": "google",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "BID",
"id": "95674"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5538"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "95674"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5538",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-5538",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-01077",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5538",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5538",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-01077",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-823",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. Vendors have confirmed this vulnerability SVE-2016-6362 It is released as.Attackers can be vulnerable to unspecified effects through processes that trigger out-of-bounds reads. Samsung is an Android smartphone. Samsung has a remote memory corruption vulnerability. An attacker could exploit the vulnerability to execute arbitrary code in an affected application environment. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "BID",
"id": "95674"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5538",
"trust": 3.3
},
{
"db": "BID",
"id": "95674",
"trust": 2.5
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2017/01/19/3",
"trust": 2.4
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2017/01/20/2",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-01077",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "BID",
"id": "95674"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"id": "VAR-201703-0717",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
}
]
},
"last_update_date": "2023-12-18T12:04:28.077000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SVE-2016-6362: out of bound read in gpu driver",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"title": "Samsung Remote Memory Corruption Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88751"
},
{
"title": "Samsung Repair measures for device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67373"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "NVD",
"id": "CVE-2017-5538"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.openwall.com/lists/oss-security/2017/01/19/3"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/95674"
},
{
"trust": 1.9,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-jan-2017"
},
{
"trust": 1.6,
"url": "http://www.openwall.com/lists/oss-security/2017/01/20/2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5538"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5538"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "BID",
"id": "95674"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"db": "BID",
"id": "95674"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"date": "2017-01-19T00:00:00",
"db": "BID",
"id": "95674"
},
{
"date": "2017-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"date": "2017-03-23T16:59:00.557000",
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"date": "2017-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01077"
},
{
"date": "2017-01-23T00:12:00",
"db": "BID",
"id": "95674"
},
{
"date": "2017-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002710"
},
{
"date": "2017-03-28T16:52:54.507000",
"db": "NVD",
"id": "CVE-2017-5538"
},
{
"date": "2017-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Exynos AP With chipset Samsung Device software GPU Driver arm/t7xx/r5p0/mali_kbase_core_linux.c Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002710"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-823"
}
],
"trust": 0.6
}
}
VAR-201704-1366
Vulnerability from variot - Updated: 2023-12-18 12:04Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. SamsungAndroidM and so on are an Android smartphone from South Korea's Samsung. Security vulnerabilities exist in Samsung mobile devices using AndroidL (5.0/5.1), M (6.0), and N (7.x) versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1366",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mobile",
"scope": "eq",
"trust": 2.2,
"vendor": "samsung",
"version": "5.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 2.2,
"vendor": "samsung",
"version": "5.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 2.2,
"vendor": "samsung",
"version": "6.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.2"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.0"
},
{
"model": "mobile",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "7.1.1"
},
{
"model": "mobile",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "mobile",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "7.*"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7978"
}
]
},
"cve": "CVE-2017-7978",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7978",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-07345",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7978",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7978",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-07345",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-934",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. SamsungAndroidM and so on are an Android smartphone from South Korea\u0027s Samsung. Security vulnerabilities exist in Samsung mobile devices using AndroidL (5.0/5.1), M (6.0), and N (7.x) versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "CNVD",
"id": "CNVD-2017-07345"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7978",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-07345",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"id": "VAR-201704-1366",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
}
]
},
"last_update_date": "2023-12-18T12:04:12.616000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SMR-APR-2017",
"trust": 0.8,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-apr-2017"
},
{
"title": "Samsung Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/94241"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "NVD",
"id": "CVE-2017-7978"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr-apr-2017"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7978"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7978"
},
{
"trust": 0.6,
"url": "http://security.samsungmobile.com/smrupdate.html#smr"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"date": "2017-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"date": "2017-04-19T22:59:00.133000",
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"date": "2017-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"date": "2017-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003195"
},
{
"date": "2017-04-25T00:37:03.127000",
"db": "NVD",
"id": "CVE-2017-7978"
},
{
"date": "2017-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07345"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-934"
}
],
"trust": 0.6
}
}
FKIE_CVE-2014-8346
Vulnerability from fkie_nvd - Published: 2014-10-24 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samsung | findmymobile | - | |
| samsung | mobile | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samsung:findmymobile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D150DC-3D00-4793-84C9-06927F3A63A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:mobile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "183033E8-4613-42B0-BDC4-39B0873322EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic."
},
{
"lang": "es",
"value": "La caracteristica Remote Controls en los dispositivos de m\u00f3viles Samsung no valida la fuente de los datos de la codificaci\u00f3n de bloqueo recibidos por una red, lo que facilita a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de pantalla con un c\u00f3digo arbitrario) mediante la provocaci\u00f3n de trafico de red Find My Mobile no esperado."
}
],
"id": "CVE-2014-8346",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-24T10:55:05.133",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=Q3adkpOEjyI"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=YufuOYQoDOY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=Q3adkpOEjyI"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=YufuOYQoDOY"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-8346 (GCVE-0-2014-8346)
Vulnerability from cvelistv5 – Published: 2014-10-24 10:00 – Updated: 2024-08-06 13:18
VLAI?
Summary
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:18:48.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=Q3adkpOEjyI"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=YufuOYQoDOY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-24T09:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=Q3adkpOEjyI"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=YufuOYQoDOY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.youtube.com/watch?v=Q3adkpOEjyI",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=Q3adkpOEjyI"
},
{
"name": "https://www.youtube.com/watch?v=YufuOYQoDOY",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=YufuOYQoDOY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8346",
"datePublished": "2014-10-24T10:00:00",
"dateReserved": "2014-10-20T00:00:00",
"dateUpdated": "2024-08-06T13:18:48.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}