CVE-2015-9174
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of validation of the return value prior to using for buffer allocation in QSEE application, TQS, may result in memory overwrite.
En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808 y SD 810, la falta de validación de los valores de retorno antes de emplearlos para asignar búfers en la aplicación QSEE, TQS, podría desembocar en una sobrescritura de memoria.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-08-16 CVE Reserved
- 2018-04-18 CVE Published
- 2023-09-09 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103671 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://source.android.com/security/bulletin/2018-04-01 | 2018-05-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Sd 410 Firmware Search vendor "Qualcomm" for product "Sd 410 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 410 Search vendor "Qualcomm" for product "Sd 410" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 412 Firmware Search vendor "Qualcomm" for product "Sd 412 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 412 Search vendor "Qualcomm" for product "Sd 412" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 617 Firmware Search vendor "Qualcomm" for product "Sd 617 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 617 Search vendor "Qualcomm" for product "Sd 617" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 650 Firmware Search vendor "Qualcomm" for product "Sd 650 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 650 Search vendor "Qualcomm" for product "Sd 650" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 652 Firmware Search vendor "Qualcomm" for product "Sd 652 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 652 Search vendor "Qualcomm" for product "Sd 652" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 800 Firmware Search vendor "Qualcomm" for product "Sd 800 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 800 Search vendor "Qualcomm" for product "Sd 800" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 808 Firmware Search vendor "Qualcomm" for product "Sd 808 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 808 Search vendor "Qualcomm" for product "Sd 808" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 810 Firmware Search vendor "Qualcomm" for product "Sd 810 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 810 Search vendor "Qualcomm" for product "Sd 810" | - | - |
Safe
|