PT-2016-3159 · Mozilla+1 · Firefox Os+1
Published
2016-12-22
·
Updated
2017-08-20
·
CVE-2016-5863
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Qualcomm products with Android for MSM (affected versions not specified)
Qualcomm products with Firefox OS for MSM (affected versions not specified)
Qualcomm products with QRD Android (affected versions not specified)
Description
The issue is related to missing sanity checks in an ioctl handler, which can lead to out-of-bounds accesses. This can potentially allow a remote attacker to access memory beyond boundaries due to the lack of several sanity checks.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os