Vulnerability-Lookup

CVE-2014-7252 (GCVE-0-2014-7252)

Vulnerability from cvelistv5 – Published: 2014-12-05 17:00 – Updated: 2024-08-06 12:40

Summary

Severity

No CVSS data available.

CWE

Assigner

jpcert

References

4 references

URL	Tags
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-0…	third-party-advisoryx_refsource_JVNDB
http://jvn.jp/en/jp/JVN67792023/index.html	third-party-advisoryx_refsource_JVN
http://jvn.jp/en/jp/JVN67792023/397327/index.html	x_refsource_MISC
http://jvn.jp/en/jp/JVN67792023/995312/index.html	x_refsource_MISC

Date Public

2014-12-02 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVNDB-2014-000137",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
          },
          {
            "name": "JVN#67792023",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-12-05T16:57:00.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "name": "JVNDB-2014-000137",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
        },
        {
          "name": "JVN#67792023",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2014-7252",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2014-000137",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
            },
            {
              "name": "JVN#67792023",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
            },
            {
              "name": "http://jvn.jp/en/jp/JVN67792023/397327/index.html",
              "refsource": "MISC",
              "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
            },
            {
              "name": "http://jvn.jp/en/jp/JVN67792023/995312/index.html",
              "refsource": "MISC",
              "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2014-7252",
    "datePublished": "2014-12-05T17:00:00.000Z",
    "dateReserved": "2014-09-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T12:40:19.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2014-7252",
      "date": "2026-05-28",
      "epss": "0.00072",
      "percentile": "0.22014"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1F11E96-DE4B-43BD-9353-5CC58CFBF908\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E0F58C3-BE28-44BB-9444-21FED4290BCE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"245D71AD-5D0D-43D7-9CD2-B7BE7ACADDF9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0CA34F5-20E7-4663-9A19-D67555E50386\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC3CE189-7E5D-49B0-834D-610909C00FAE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E423E510-BFE4-4BE2-A04F-2E22AFA93728\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D935E00-B10E-4F08-B4A7-5B7462621299\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \\\"improper data validation.\\\"\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades no especificadas en el controlador Syslink para el procesador m\\u00f3vil de Texas Instruments OMAP, utilizado en NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, y PRADA phone por LG L-02D; y los tel\\u00e9fonos SoftBank SHARP 102SH permiten a usuarios locales ejecutar c\\u00f3digo arbitrario o leer la memoria del kernel a trav\\u00e9s de vectores desconocidos relacionados con los datos userland y \u0027la validaci\\u00f3n de datos incorrecta.\u0027\"}]",
      "id": "CVE-2014-7252",
      "lastModified": "2024-11-21T02:16:36.950",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-12-05T17:59:01.087",
      "references": "[{\"url\": \"http://jvn.jp/en/jp/JVN67792023/397327/index.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://jvn.jp/en/jp/JVN67792023/995312/index.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://jvn.jp/en/jp/JVN67792023/index.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://jvn.jp/en/jp/JVN67792023/397327/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://jvn.jp/en/jp/JVN67792023/995312/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://jvn.jp/en/jp/JVN67792023/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "vultures@jpcert.or.jp",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-7252\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2014-12-05T17:59:01.087\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \\\"improper data validation.\\\"\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades no especificadas en el controlador Syslink para el procesador m\u00f3vil de Texas Instruments OMAP, utilizado en NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, y PRADA phone por LG L-02D; y los tel\u00e9fonos SoftBank SHARP 102SH permiten a usuarios locales ejecutar c\u00f3digo arbitrario o leer la memoria del kernel a trav\u00e9s de vectores desconocidos relacionados con los datos userland y \u0027la validaci\u00f3n de datos incorrecta.\u0027\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1F11E96-DE4B-43BD-9353-5CC58CFBF908\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E0F58C3-BE28-44BB-9444-21FED4290BCE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"245D71AD-5D0D-43D7-9CD2-B7BE7ACADDF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0CA34F5-20E7-4663-9A19-D67555E50386\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC3CE189-7E5D-49B0-834D-610909C00FAE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E423E510-BFE4-4BE2-A04F-2E22AFA93728\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D935E00-B10E-4F08-B4A7-5B7462621299\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN67792023/397327/index.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://jvn.jp/en/jp/JVN67792023/995312/index.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://jvn.jp/en/jp/JVN67792023/index.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://jvn.jp/en/jp/JVN67792023/397327/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvn.jp/en/jp/JVN67792023/995312/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvn.jp/en/jp/JVN67792023/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2014-7252

Vulnerability from fkie_nvd - Published: 2014-12-05 17:59 - Updated: 2026-05-06 22:30

Severity

Summary

References

	URL	Tags
	vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN67792023/397327/index.html
	vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN67792023/995312/index.html
	vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN67792023/index.html
	vultures@jpcert.or.jp	http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN67792023/397327/index.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN67792023/995312/index.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN67792023/index.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html

Impacted products

Vendor	Product	Version
disney_interactive	disney_mobile	-
fujitsu	f-08d	-
fujitsu	arrows_tab_lte_f-01d	*
sharp	softbank_102sh	-
fujitsu	regza_phone_t-01d	-
fujitsu	arrows_x_lte_f-05d	-
lg	prada_phone_l-02d	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1F11E96-DE4B-43BD-9353-5CC58CFBF908",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0F58C3-BE28-44BB-9444-21FED4290BCE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "245D71AD-5D0D-43D7-9CD2-B7BE7ACADDF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0CA34F5-20E7-4663-9A19-D67555E50386",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC3CE189-7E5D-49B0-834D-610909C00FAE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E423E510-BFE4-4BE2-A04F-2E22AFA93728",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D935E00-B10E-4F08-B4A7-5B7462621299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en el controlador Syslink para el procesador m\u00f3vil de Texas Instruments OMAP, utilizado en NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, y PRADA phone por LG L-02D; y los tel\u00e9fonos SoftBank SHARP 102SH permiten a usuarios locales ejecutar c\u00f3digo arbitrario o leer la memoria del kernel a trav\u00e9s de vectores desconocidos relacionados con los datos userland y \u0027la validaci\u00f3n de datos incorrecta.\u0027"
    }
  ],
  "id": "CVE-2014-7252",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-05T17:59:01.087",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-C58J-GPHJ-CP8J

Vulnerability from github – Published: 2022-05-17 04:20 – Updated: 2022-05-17 04:20

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-7252"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-12-05T17:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\"",
  "id": "GHSA-c58j-gphj-cp8j",
  "modified": "2022-05-17T04:20:31Z",
  "published": "2022-05-17T04:20:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7252"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2014-7252

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-7252

Aliases

CVE-2014-7252

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-7252",
    "description": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\"",
    "id": "GSD-2014-7252"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-7252"
      ],
      "details": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\"",
      "id": "GSD-2014-7252",
      "modified": "2023-12-13T01:22:47.408126Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2014-7252",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "JVNDB-2014-000137",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
          },
          {
            "name": "JVN#67792023",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
          },
          {
            "name": "http://jvn.jp/en/jp/JVN67792023/397327/index.html",
            "refsource": "MISC",
            "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
          },
          {
            "name": "http://jvn.jp/en/jp/JVN67792023/995312/index.html",
            "refsource": "MISC",
            "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2014-7252"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://jvn.jp/en/jp/JVN67792023/995312/index.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"
            },
            {
              "name": "JVN#67792023",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN67792023/index.html"
            },
            {
              "name": "JVNDB-2014-000137",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"
            },
            {
              "name": "http://jvn.jp/en/jp/JVN67792023/397327/index.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-12-08T13:55Z",
      "publishedDate": "2014-12-05T17:59Z"
    }
  }
}

JVNDB-2014-000137

Vulnerability from jvndb - Published: 2014-12-02 13:56 - Updated:2014-12-09 15:34

Severity

N/A (UNKNOWN) - -

Summary

Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors

Details

The Syslink driver for OMAP mobile processors contained in Android devices contain mulitple improper data validation vulerabilities. The OMAP mobile processor provided by Texas Instruments is used in some Android tablets, smartphones and other devices. The Syslink driver for some OMAP mobile processors is used to implement the communication of processes between the host and slave processors. The Syslink driver contains multiple vulnerabilities where userland data is not properly validated prior to use. Exploitation of these vulnerabilities may lead to arbitrary code execution or kernel memory content disclosure. Masaaki Chida of GREE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN67792023/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7252
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7252
	Improper Input Validation(CWE-20)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

(Multiple Venders)

(Multiple Products)

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000137.html",
  "dc:date": "2014-12-09T15:34+09:00",
  "dcterms:issued": "2014-12-02T13:56+09:00",
  "dcterms:modified": "2014-12-09T15:34+09:00",
  "description": "The Syslink driver for OMAP mobile processors contained in Android devices contain mulitple improper data validation vulerabilities.\r\n\r\nThe OMAP mobile processor provided by Texas Instruments is used in some Android tablets, smartphones and other devices. The Syslink driver for some OMAP mobile processors is used to implement the communication of processes between the host and slave processors.\r\nThe Syslink driver contains multiple vulnerabilities where userland data is not properly validated prior to use. Exploitation of these vulnerabilities may lead to arbitrary code execution or kernel memory content disclosure.\r\n\r\nMasaaki Chida of GREE, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000137.html",
  "sec:cpe": {
    "#text": "cpe:/a:misc:multiple_vendors",
    "@product": "(Multiple Products)",
    "@vendor": "(Multiple Venders)",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.2",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2014-000137",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN67792023/index.html",
      "@id": "JVN#67792023",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7252",
      "@id": "CVE-2014-7252",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7252",
      "@id": "CVE-2014-7252",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    }
  ],
  "title": "Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors"
}

VAR-201412-0589

Vulnerability from variot - Updated: 2023-12-18 12:07

Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation.". The Syslink driver for OMAP mobile processors contained in Android devices contain mulitple improper data validation vulerabilities. The OMAP mobile processor provided by Texas Instruments is used in some Android tablets, smartphones and other devices. The Syslink driver for some OMAP mobile processors is used to implement the communication of processes between the host and slave processors. The Syslink driver contains multiple vulnerabilities where userland data is not properly validated prior to use. Exploitation of these vulnerabilities may lead to arbitrary code execution or kernel memory content disclosure. Masaaki Chida of GREE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When the device is accessed through the Android Debug Bridge (adb), contents of the kernel memory may be obtained or arbitrary code may be executed to obtain root privileges. Local attackers can exploit these vulnerabilities to execute arbitrary code and gain sensitive information in the context of the user running the vulnerable application

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0589",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prada phone l-02d",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lg",
        "version": null
      },
      {
        "model": "arrows tab lte f-01d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fujitsu",
        "version": "*"
      },
      {
        "model": "mobile",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "disney interactive",
        "version": null
      },
      {
        "model": "softbank 102sh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sharp",
        "version": null
      },
      {
        "model": "arrows x lte f-05d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fujitsu",
        "version": null
      },
      {
        "model": "regza phone t-01d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fujitsu",
        "version": null
      },
      {
        "model": "",
        "scope": null,
        "trust": 0.8,
        "vendor": "multiple venders",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Masaaki Chida of GREE",
    "sources": [
      {
        "db": "BID",
        "id": "71412"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2014-7252",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Local",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 6.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2014-000137",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-7252",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2014-000137",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201412-047",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\". The Syslink driver for OMAP mobile processors contained in Android devices contain mulitple improper data validation vulerabilities. The OMAP mobile processor provided by Texas Instruments is used in some Android tablets, smartphones and other devices. The Syslink driver for some OMAP mobile processors is used to implement the communication of processes between the host and slave processors. The Syslink driver contains multiple vulnerabilities where userland data is not properly validated prior to use. Exploitation of these vulnerabilities may lead to arbitrary code execution or kernel memory content disclosure. Masaaki Chida of GREE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When the device is accessed through the Android Debug Bridge (adb), contents of the kernel memory may be obtained or arbitrary code may be executed to obtain root privileges. \nLocal attackers can exploit these vulnerabilities to execute arbitrary code  and gain sensitive information in the context of the user running the  vulnerable application",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "BID",
        "id": "71412"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-7252",
        "trust": 2.7
      },
      {
        "db": "JVN",
        "id": "JVN67792023",
        "trust": 2.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137",
        "trust": 2.4
      },
      {
        "db": "BID",
        "id": "71412",
        "trust": 0.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "71412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "id": "VAR-201412-0589",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.4583333333333333
  },
  "last_update_date": "2023-12-18T12:07:44.872000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Information from NTT DOCOMO, INC.",
        "trust": 0.8,
        "url": "http://jvn.jp/en/jp/jvn67792023/995312/index.html"
      },
      {
        "title": "- SHARP handsets 102SH (Fix-May 31 2012 release software)",
        "trust": 0.8,
        "url": "http://www.softbank.jp/mobile/info/personal/software/20130830-01/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://jvn.jp/en/jp/jvn67792023/index.html"
      },
      {
        "trust": 1.6,
        "url": "http://jvn.jp/en/jp/jvn67792023/397327/index.html"
      },
      {
        "trust": 1.6,
        "url": "http://jvn.jp/en/jp/jvn67792023/995312/index.html"
      },
      {
        "trust": 1.6,
        "url": "http://jvndb.jvn.jp/ja/contents/2014/jvndb-2014-000137.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-7252"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-7252"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/71412"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "71412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-02T00:00:00",
        "db": "BID",
        "id": "71412"
      },
      {
        "date": "2014-12-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "date": "2014-12-05T17:59:01.087000",
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "date": "2014-12-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-02T00:00:00",
        "db": "BID",
        "id": "71412"
      },
      {
        "date": "2014-12-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      },
      {
        "date": "2014-12-08T13:55:38.113000",
        "db": "NVD",
        "id": "CVE-2014-7252"
      },
      {
        "date": "2014-12-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "71412"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-047"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-000137"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "71412"
      }
    ],
    "trust": 0.3
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-7252 (GCVE-0-2014-7252)

FKIE_CVE-2014-7252

GHSA-C58J-GPHJ-CP8J

GSD-2014-7252

JVNDB-2014-000137

VAR-201412-0589

Tags

Sightings

Nomenclature