mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
119 lines
3.6 KiB
JSON
119 lines
3.6 KiB
JSON
{
|
|
"id": "CVE-2018-9139",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2018-03-30T08:29:00.620",
|
|
"lastModified": "2018-04-19T17:27:12.567",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En dispositivos m\u00f3viles Samsung con software N(7.x), un desbordamiento de b\u00fafer en el servicio vision permite la ejecuci\u00f3n de c\u00f3digo en un proceso privilegiado mediante una trama de gran tama\u00f1o. Esto tambi\u00e9n se conoce como SVE-2017-11165."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 10.0
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "08E4422C-42D0-47CA-A8B7-0DFF0652363E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "088A46CD-DA84-4DFA-ABCB-95E6D82DCE15"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2F08AFFF-8310-4CCE-97A1-872CAA97E26D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CC76BE55-8569-4C11-BDF7-DB9AD2783313"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://security.samsungmobile.com/securityUpdate.smsb",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |