PT-2018-17232 · Mozilla+2 · Firefox Os+2
Published
2018-11-27
·
Updated
2018-12-21
·
CVE-2018-5908
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Android for MSM (affected versions not specified)
Firefox OS for MSM (affected versions not specified)
QRD Android (affected versions not specified)
Description:
The issue is related to a possible buffer overflow in the display function due to a lack of buffer length validation before copying. This could potentially lead to exploitation.
Recommendations:
For Android for MSM, update to a version that includes the fix for the buffer overflow issue in the display function.
For Firefox OS for MSM, update to a version that includes the fix for the buffer overflow issue in the display function.
For QRD Android, update to a version that includes the fix for the buffer overflow issue in the display function.
As a temporary workaround, consider restricting access to the display function to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os
Qrd Android