CVE-2016-2494 – Google Android - '/system/bin/sdcard' Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-2494
Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28085658.
There's an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.
• https://www.exploit-db.com/exploits/39921
• http://packetstormsecurity.com/files/137404/Android-system-bin-sdcard-Stack-Buffer-Overflow.html
• http://source.android.com/security/bulletin/2016-06-01.html
• https://android.googlesource.com/platform/system/core/+/864e2e22fcd0cba3f5e67680ccabd0302dfda45d
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2016-5300
https://notcve.org/view.php?id=CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.
• http://www.debian.org/security/2016/dsa-3597
• http://www.openwall.com/lists/oss-security/2016/06/04/4
• http://www.openwall.com/lists/oss-security/2016/06/04/5
• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
• http://www.securityfocus.com/bid/91159
• http://www.ubuntu.com/usn/USN-3010-1
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://lists.apache.org
• CWE-399: Resource Management Errors
CVE-2012-6702
https://notcve.org/view.php?id=CVE-2012-6702
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
• http://www.debian.org/security/2016/dsa-3597
• http://www.openwall.com/lists/oss-security/2016/06/03/8
• http://www.openwall.com/lists/oss-security/2016/06/04/1
• http://www.securityfocus.com/bid/91483
• http://www.ubuntu.com/usn/USN-3010-1
• https://security.gentoo.org/glsa/201701-21
• https://source.android.com/security/bulletin/2016-11-01.html
• https://www.tenable.com/security/tns-2016-20
• CWE-310: Cryptographic Issues
CVE-2016-2060
https://notcve.org/view.php?id=CVE-2016-2060
server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attackers to bypass intended access restrictions via a crafted application.
• http://source.android.com/security/bulletin/2016-05-01.html
• https://www.codeaurora.org/improper-input-validation-tethering-controller-netd-cve-2016-2060-0
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2016-2432
https://notcve.org/view.php?id=CVE-2016-2432
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.
• http://source.android.com/security/bulletin/2016-05-01.html
• CWE-264: Permissions, Privileges, and Access Controls