PT-2016-3159 · Mozilla+1 · Firefox Os+1

Publicado

2016-12-22

Atualizado

2017-08-20

CVE-2016-5863

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Qualcomm products with Android for MSM (affected versions not specified) Qualcomm products with Firefox OS for MSM (affected versions not specified) Qualcomm products with QRD Android (affected versions not specified)

Description The issue is related to missing sanity checks in an ioctl handler, which can lead to out-of-bounds accesses. This can potentially allow a remote attacker to access memory beyond boundaries due to the lack of several sanity checks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2017-01987

CVE-2016-5863

Produtos afetados

Android

Firefox Os

PT-2016-3159 · Mozilla+1 · Firefox Os+1

CVE-2016-5863

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8