admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update references and affected versions of CVE-2019-6496

Browse Source
This commit is contained in:
Madison Oliver 2019-02-07 16:38:44 -05:00
parent e4662c2e8e
commit 405d03e2f0
No known key found for this signature in database
GPG Key ID: D09A966296ACACD5
1 changed files with 58 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2019/6xxx/CVE-2019-6496.json
View File

@ -11,7 +11,47 @@
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"product_name" : "88W8787 System on a Chip",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
},
{
"product_name" : "88W8797 System on a Chip",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
},
{
"product_name" : "88W8801 System on a Chip",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
},
{
"product_name" : "88W8897 System on a Chip",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
},
{
"product_name" : "88W8997 System on a Chip",
"version" : {
"version_data" : [
{
@ -22,7 +62,7 @@
}
]
},
"vendor_name" : "n/a"
"vendor_name" : "Marvell"
}
]
}
@ -34,7 +74,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA."
"value" : "The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA."
}
]
},
@ -66,6 +106,21 @@
"name" : "106865",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106865"
},
{
"name" : "VU#730261",
"refsource" : "CERT-VN",
"url" : "https://www.kb.cert.org/vuls/id/730261/"
},
{
"name" : "https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement",
"refsource" : "CONFIRM",
"url" : "https://www.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement"
},
{
"name" : "https://2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf",
"refsource" : "MISC",
"url" : "https://2018.zeronights.ru/wp-content/uploads/materials/19-Researching-Marvell-Avastar-Wi-Fi.pdf"
}
]
}