PT-2016-7458 · Samsung · Samsung Galaxy S+3

Published

2016-10-31

Updated

2016-12-02

CVE-2016-7990

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Samsung Galaxy S devices versions S4 through S7

Description An integer overflow condition exists within libomacp.so when parsing OMACP messages, which can be sent via WAP Push SMS messages, leading to a heap corruption. This can result in Denial of Service and potentially remote code execution.

Recommendations For Samsung Galaxy S4 through S7 devices, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-388CWE-190

Related Identifiers

CVE-2016-7990

Affected Products

Samsung Galaxy S

Samsung Galaxy S4

Samsung Galaxy S7

Libomacp.So

PT-2016-7458 · Samsung · Samsung Galaxy S+3

CVE-2016-7990

Weakness Enumeration

Related Identifiers

Affected Products

References · 4