CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2009-0396
https://notcve.org/view.php?id=CVE-2009-0396
The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W880i, and K530i phones allow remote attackers to cause a denial of service (device reboot or hang-up) via a malformed WAP Push packet to (1) SMS or (2) UDP port 2948. Los teléfonos Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W880i, y K530i permite a los atacantes remotos causar una denegación de servicios (el dispositivo se reinicia o cuelgue) a través de paquetes mal formados WAP Push para (1) SMS o (2) puerto UDP 2948. • http://secunia.com/advisories/33616 http://www.mseclab.com/index.php?page_id=123 http://www.securityfocus.com/archive/1/500382/100/0/threaded http://www.securityfocus.com/bid/33433 http://www.securitytracker.com/id?1021634 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1938
https://notcve.org/view.php?id=CVE-2008-1938
Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks. El firmware del Sony Mylo COM-2, modelo japonés anterior a 1.002 no verifica de forma adecuada el certificado SSL del servidor Web, lo que permite a los atacantes remotos obtener información sensible y conducir ataques de Spoofing. • http://esupport.sony.com/perl/news-item.pl?news_id=262&mdl=COM2 http://jvn.jp/jp/JVN%2376788395/index.html http://mylo.nccl.sony.co.jp/download/M-W002-001-02/index.html http://mylo.nccl.sony.co.jp/hotnews/2008/04/01/index.html http://secunia.com/advisories/29928 http://www.securityfocus.com/bid/28905 http://www.vupen.com/english/advisories/2008/1349/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41971 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 24%CPEs: 2EXPL: 3CVE-2008-0748 – ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-0748
Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en Sony AxRUploadServer.AxRUploadControl.1 control ActiveX en AxRUploadServer.dll 1.0.0.38 en SonyISUpload.cab 1.0.0.38 de Sony ImageStation, permite a atacantes remotos ejecutar código de elección mediante argumentos largos en el método SetLogging. NOTA: algunos de estos detalles se han obtenido de información de terceros. • https://www.exploit-db.com/exploits/5086 https://www.exploit-db.com/exploits/5100 http://secunia.com/advisories/28854 http://securityreason.com/securityalert/3648 http://www.securityfocus.com/archive/1/487802/100/0/threaded http://www.securityfocus.com/archive/1/487805/100/0/threaded http://www.securityfocus.com/bid/27715 http://www.vupen.com/english/advisories/2008/0483 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 24%CPEs: 1EXPL: 1CVE-2007-5709 – Sony CONNECT Player 4.x - '.m3u' Local Stack Overflow
https://notcve.org/view.php?id=CVE-2007-5709
Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file. Un desbordamiento de búfer en la región stack de la memoria en Sony SonicStage CONNECT Player (CP) versión 4.3, permite a atacantes remotos ejecutar código arbitrario por medio de un nombre de archivo largo en un archivo M3U. • https://www.exploit-db.com/exploits/4583 http://osvdb.org/41998 http://secunia.com/advisories/27270 http://www.securityfocus.com/bid/26241 https://exchange.xforce.ibmcloud.com/vulnerabilities/38160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 13%CPEs: 1EXPL: 0CVE-2007-4785
https://notcve.org/view.php?id=CVE-2007-4785
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory. Sony Micro Vault Fingerprint Access Software, distribuido con los dispositivos flash Sony Micro Vault USM-F USB, instala un controlado que esconde un directorio bajo %WINDIR% lo cual podría permitir a un atacante remoto evitar la detección de código malicioso a través de la colocación de archivos en este directorio. • http://hiltont.blogspot.com/2007/08/sony-rootkit-version-2.html http://observed.de/?entnum=101 http://securityreason.com/securityalert/3118 http://www.computerdefense.org/?p=380 http://www.f-secure.com/weblog/archives/archive-082007.html#00001263 http://www.f-secure.com/weblog/archives/archive-082007.html#00001266 http://www.securityfocus.com/archive/1/478149/100/0/threaded http://www.securityfocus.com/archive/1/478315/100/0/threaded http://www.securityfocus.com/archive/1&#x •