PT-2018-5726 · Mozilla+2 · Firefox Os+2

Publicado

2018-01-10

Atualizado

2018-01-26

CVE-2017-14869

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description: The issue occurs during the update of the FOTA partition in the mentioned operating systems, where uninitialized data can be pushed to storage.

Recommendations: For Android for MSM, update the system to ensure proper initialization of data before pushing it to storage. For Firefox OS for MSM, ensure that all data is properly initialized before the FOTA partition update. For QRD Android, modify the FOTA partition update process to prevent uninitialized data from being pushed to storage.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-14869

Produtos afetados

Android

Firefox Os

Qrd Android

PT-2018-5726 · Mozilla+2 · Firefox Os+2

CVE-2017-14869

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2