cvelistv5 - cve-2016-7989

cve-2016-7989

Vulnerability from cvelistv5

Published

2016-10-31 10:00

Modified

2024-08-06 02:13

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/94082	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94082	Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:13:21.260Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
          },
          {
            "name": "94082",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94082"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
        },
        {
          "name": "94082",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94082"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016",
              "refsource": "CONFIRM",
              "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
            },
            {
              "name": "94082",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94082"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-7989",
    "datePublished": "2016-10-31T10:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:13:21.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49413FF7-7910-4F74-B106-C3170612CB2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8882E50-7C49-4A99-91F2-DF979CF8BB2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98C32982-095C-4628-9958-118A3D3A9CAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3CEEA22-63B4-4702-A400-01349DF0EC1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C4E6353-B77A-464F-B7DE-932704003B33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77125688-2CCA-4990-ABB2-551D47CB0CDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9915371-C730-41F7-B86E-7E4DE0DF5385\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7A8EC00-266C-409B-AD43-18E8DFCD6FE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B846C63A-7261-481E-B4A4-0D8C79E0D8A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1D94CDD-DE7B-444E-A3AE-AE9C9A779374\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E70C6D8D-C9C3-4D92-8DFC-71F59E068295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"691FA41B-C2CE-413F-ABB1-0B22CB322807\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"717D895C-E64D-4E0E-9F4A-9B191E6388B6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"721FDF15-999F-42C1-90C2-4708C6DB98B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7060E1BD-9FFF-4D74-A2EE-20ABB447EA23\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9C84354-75A3-4E55-A2D0-C0783AF36B37\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F54653E7-88CD-4AA3-A2CD-BA0B116955F1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.\"}, {\"lang\": \"es\", \"value\": \"En dispositivos Samsung Galaxy S4 hasta la versi\\u00f3n S7, un OTA WAP PUSH SMS mal formado que contiene un mensaje enviado OMACP desencadena remotamente un ArrayIndexOutOfBoundsException no controlado en la implementaci\\u00f3n de Samsung de la clase WifiServiceImpl dentro de wifi-service.jar. Esto provoca que el tiempo de ejecuci\\u00f3n de Android se caiga continuamente, haciendo al dispositivo inutilizable hasta que se realiza un restablecimiento de f\\u00e1brica, un subconjunto de SVE-2016-6542.\"}]",
      "id": "CVE-2016-7989",
      "lastModified": "2024-11-21T02:58:51.423",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-10-31T10:59:05.193",
      "references": "[{\"url\": \"http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94082\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94082\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-254\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-7989\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-10-31T10:59:05.193\",\"lastModified\":\"2024-11-21T02:58:51.423\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.\"},{\"lang\":\"es\",\"value\":\"En dispositivos Samsung Galaxy S4 hasta la versi\u00f3n S7, un OTA WAP PUSH SMS mal formado que contiene un mensaje enviado OMACP desencadena remotamente un ArrayIndexOutOfBoundsException no controlado en la implementaci\u00f3n de Samsung de la clase WifiServiceImpl dentro de wifi-service.jar. Esto provoca que el tiempo de ejecuci\u00f3n de Android se caiga continuamente, haciendo al dispositivo inutilizable hasta que se realiza un restablecimiento de f\u00e1brica, un subconjunto de SVE-2016-6542.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-254\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49413FF7-7910-4F74-B106-C3170612CB2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8882E50-7C49-4A99-91F2-DF979CF8BB2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C32982-095C-4628-9958-118A3D3A9CAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3CEEA22-63B4-4702-A400-01349DF0EC1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C4E6353-B77A-464F-B7DE-932704003B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77125688-2CCA-4990-ABB2-551D47CB0CDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9915371-C730-41F7-B86E-7E4DE0DF5385\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A8EC00-266C-409B-AD43-18E8DFCD6FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B846C63A-7261-481E-B4A4-0D8C79E0D8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1D94CDD-DE7B-444E-A3AE-AE9C9A779374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E70C6D8D-C9C3-4D92-8DFC-71F59E068295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691FA41B-C2CE-413F-ABB1-0B22CB322807\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717D895C-E64D-4E0E-9F4A-9B191E6388B6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"721FDF15-999F-42C1-90C2-4708C6DB98B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7060E1BD-9FFF-4D74-A2EE-20ABB447EA23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C84354-75A3-4E55-A2D0-C0783AF36B37\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F54653E7-88CD-4AA3-A2CD-BA0B116955F1\"}]}]}],\"references\":[{\"url\":\"http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94082\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94082\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

gsd-2016-7989

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-7989

Aliases

CVE-2016-7989

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-7989",
    "description": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.",
    "id": "GSD-2016-7989"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-7989"
      ],
      "details": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.",
      "id": "GSD-2016-7989",
      "modified": "2023-12-13T01:21:20.414110Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-7989",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016",
            "refsource": "CONFIRM",
            "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
          },
          {
            "name": "94082",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94082"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7989"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-254"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
            },
            {
              "name": "94082",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94082"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-12-02T23:05Z",
      "publishedDate": "2016-10-31T10:59Z"
    }
  }
}

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542. This vulnerability SVE-2016-6542 Is part of Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. SamsungGalaxyS4 and so on are all smart mobile devices released by South Korea's Samsung. A denial of service vulnerability exists in Samsung Galaxy S4 to S7 devices. Remote attackers can exploit this issue to cause a denial-of-service condition

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0197",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "android",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "google",
        "version": "4.4"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "google",
        "version": "6.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "5.0.2"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "5.0.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "4.4.4"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "4.4.3"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "4.4.2"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "4.4.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "4.3.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "5.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "google",
        "version": "4.3"
      },
      {
        "model": "galaxy s4",
        "scope": null,
        "trust": 1.4,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "google",
        "version": "6.0.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "google",
        "version": "5.1.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "google",
        "version": "4.2.2"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "google",
        "version": "5.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "google",
        "version": "5.1.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "google",
        "version": "5.0/5.1"
      },
      {
        "model": "galaxy s4 mini",
        "scope": null,
        "trust": 0.8,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "galaxy s5",
        "scope": null,
        "trust": 0.8,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "galaxy s6",
        "scope": null,
        "trust": 0.8,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "galaxy s7",
        "scope": null,
        "trust": 0.8,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "galaxy s7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "samsung",
        "version": "0"
      },
      {
        "model": "galaxy s6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "samsung",
        "version": "0"
      },
      {
        "model": "galaxy s5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "samsung",
        "version": "0"
      },
      {
        "model": "galaxy s4 mini",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "samsung",
        "version": "0"
      },
      {
        "model": "galaxy s4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "samsung",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "BID",
        "id": "94082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tom Court of Context",
    "sources": [
      {
        "db": "BID",
        "id": "94082"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-7989",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-7989",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-10558",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-7989",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-7989",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-10558",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201610-877",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542. This vulnerability SVE-2016-6542 Is part of Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. SamsungGalaxyS4 and so on are all smart mobile devices released by South Korea\u0027s Samsung. A denial of service vulnerability exists in Samsung Galaxy S4 to S7 devices. \nRemote attackers can exploit this issue to cause a denial-of-service condition",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "BID",
        "id": "94082"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-7989",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "94082",
        "trust": 1.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "BID",
        "id": "94082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "id": "VAR-201610-0197",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      }
    ],
    "trust": 1.1153031133333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:24:36.879000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "https://www.android.com/intl/ja_jp/"
      },
      {
        "title": "SVE-2016-6542",
        "trust": 0.8,
        "url": "http://security.samsungmobile.com/smrupdate.html#smr-aug-2016"
      },
      {
        "title": "SamsungGalaxyS4-S7 device denial of service vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/83440"
      },
      {
        "title": "Multiple Samsung Galaxy Repair measures for device security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65198"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-254",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://security.samsungmobile.com/smrupdate.html#smr-aug-2016"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/94082"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7989"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7989"
      },
      {
        "trust": 0.6,
        "url": "http://security.samsungmobile.com/smrupdate.html#smr"
      },
      {
        "trust": 0.3,
        "url": "http://www.samsung.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "BID",
        "id": "94082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "db": "BID",
        "id": "94082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "date": "2016-10-31T00:00:00",
        "db": "BID",
        "id": "94082"
      },
      {
        "date": "2016-11-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "date": "2016-10-31T10:59:05.193000",
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "date": "2016-10-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10558"
      },
      {
        "date": "2016-11-24T01:07:00",
        "db": "BID",
        "id": "94082"
      },
      {
        "date": "2016-11-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      },
      {
        "date": "2016-12-02T23:05:44.917000",
        "db": "NVD",
        "id": "CVE-2016-7989"
      },
      {
        "date": "2016-11-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Samsung Galaxy Device  wifi-service.jar of  WifiServiceImpl In the implementation of the class  ArrayIndexOutOfBoundsException Vulnerabilities that trigger non-processing",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005688"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-877"
      }
    ],
    "trust": 0.6
  }
}

cve-2016-7989

Vulnerability from fkie_nvd

Published

2016-10-31 10:59

Modified

2024-11-21 02:58

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/94082	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94082	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
google	android	4.2.2
google	android	4.3
google	android	4.3.1
google	android	4.4
google	android	4.4.1
google	android	4.4.2
google	android	4.4.3
google	android	4.4.4
google	android	5.0
google	android	5.0.1
google	android	5.0.2
google	android	5.1
google	android	5.1.0
google	android	5.1.1
google	android	6.0
google	android	6.0.1
samsung	galaxy_s4	-
samsung	galaxy_s4_mini	-
samsung	galaxy_s5	-
samsung	galaxy_s6	-
samsung	galaxy_s7	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49413FF7-7910-4F74-B106-C3170612CB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8882E50-7C49-4A99-91F2-DF979CF8BB2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CEEA22-63B4-4702-A400-01349DF0EC1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4E6353-B77A-464F-B7DE-932704003B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77125688-2CCA-4990-ABB2-551D47CB0CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9915371-C730-41F7-B86E-7E4DE0DF5385",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B846C63A-7261-481E-B4A4-0D8C79E0D8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1D94CDD-DE7B-444E-A3AE-AE9C9A779374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "717D895C-E64D-4E0E-9F4A-9B191E6388B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "721FDF15-999F-42C1-90C2-4708C6DB98B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7060E1BD-9FFF-4D74-A2EE-20ABB447EA23",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C84354-75A3-4E55-A2D0-C0783AF36B37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F54653E7-88CD-4AA3-A2CD-BA0B116955F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542."
    },
    {
      "lang": "es",
      "value": "En dispositivos Samsung Galaxy S4 hasta la versi\u00f3n S7, un OTA WAP PUSH SMS mal formado que contiene un mensaje enviado OMACP desencadena remotamente un ArrayIndexOutOfBoundsException no controlado en la implementaci\u00f3n de Samsung de la clase WifiServiceImpl dentro de wifi-service.jar. Esto provoca que el tiempo de ejecuci\u00f3n de Android se caiga continuamente, haciendo al dispositivo inutilizable hasta que se realiza un restablecimiento de f\u00e1brica, un subconjunto de SVE-2016-6542."
    }
  ],
  "id": "CVE-2016-7989",
  "lastModified": "2024-11-21T02:58:51.423",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-31T10:59:05.193",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94082"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-254"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-q993-v9x4-3q2m

Vulnerability from github

Published

2022-05-17 03:35

Modified

2022-05-17 03:35

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-7989"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-31T10:59:00Z",
    "severity": "HIGH"
  },
  "details": "On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung\u0027s implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.",
  "id": "GHSA-q993-v9x4-3q2m",
  "modified": "2022-05-17T03:35:10Z",
  "published": "2022-05-17T03:35:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7989"
    },
    {
      "type": "WEB",
      "url": "http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94082"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2016-7989

Vulnerability from cvelistv5

gsd-2016-7989

Vulnerability from gsd

var-201610-0197

Vulnerability from variot

cve-2016-7989

Vulnerability from fkie_nvd

ghsa-q993-v9x4-3q2m

Vulnerability from github

Tags

Sightings

Nomenclature