Vulnerability-Lookup

CVE-2018-11879 (GCVE-0-2018-11879)

Vulnerability from cvelistv5 – Published: 2018-10-29 18:00 – Updated: 2024-08-05 08:24

Summary

When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845

Severity

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Integer Overflow to Buffer Overflow in WLAN

Assigner

qualcomm

References

2 references

URL	Tags
https://www.qualcomm.com/company/product-security…	x_refsource_CONFIRM
http://www.securityfocus.com/bid/107681	vdb-entryx_refsource_BID

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon Mobile	Affected: SD 845

Date Public

2018-10-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:24:02.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "name": "107681",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107681"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Mobile",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "SD 845"
            }
          ]
        }
      ],
      "datePublic": "2018-10-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer Overflow to Buffer Overflow in WLAN",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-03T10:06:06.000Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins"
        },
        {
          "name": "107681",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107681"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2018-11879",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Mobile",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SD 845"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Integer Overflow to Buffer Overflow in WLAN"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "107681",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107681"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2018-11879",
    "datePublished": "2018-10-29T18:00:00.000Z",
    "dateReserved": "2018-06-07T00:00:00.000Z",
    "dateUpdated": "2024-08-05T08:24:02.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-11879",
      "date": "2026-06-02",
      "epss": "0.00033",
      "percentile": "0.1011"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A2D2B3B-CB28-46AA-9117-A7FA371FDE80\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE18BF66-B0DB-48BB-B43A-56F01821F5A3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845\"}, {\"lang\": \"es\", \"value\": \"Cuando el tama\\u00f1o del b\\u00fafer que se pasa es muy grande, se podr\\u00eda omitir la comprobaci\\u00f3n de l\\u00edmites, lo que conduce a una potencial sobrescritura de b\\u00fafer en Snapdragon Mobile en su versi\\u00f3n SD 845.\"}]",
      "id": "CVE-2018-11879",
      "lastModified": "2024-11-21T03:44:11.713",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-10-29T18:29:06.840",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/107681\", \"source\": \"product-security@qualcomm.com\"}, {\"url\": \"https://www.qualcomm.com/company/product-security/bulletins\", \"source\": \"product-security@qualcomm.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107681\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.qualcomm.com/company/product-security/bulletins\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@qualcomm.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-11879\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2018-10-29T18:29:06.840\",\"lastModified\":\"2024-11-21T03:44:11.713\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845\"},{\"lang\":\"es\",\"value\":\"Cuando el tama\u00f1o del b\u00fafer que se pasa es muy grande, se podr\u00eda omitir la comprobaci\u00f3n de l\u00edmites, lo que conduce a una potencial sobrescritura de b\u00fafer en Snapdragon Mobile en su versi\u00f3n SD 845.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A2D2B3B-CB28-46AA-9117-A7FA371FDE80\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE18BF66-B0DB-48BB-B43A-56F01821F5A3\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/107681\",\"source\":\"product-security@qualcomm.com\"},{\"url\":\"https://www.qualcomm.com/company/product-security/bulletins\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.qualcomm.com/company/product-security/bulletins\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2019-AVI-142

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Android	Google Android toutes versions n'intégrant pas le correctif de sécurité du 01 avril 2019

References

Title

Publication Time

CERTFR-2019-AVI-142

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Android	Google Android toutes versions n'intégrant pas le correctif de sécurité du 01 avril 2019

References

Title

Publication Time

FKIE_CVE-2018-11879

Vulnerability from fkie_nvd - Published: 2018-10-29 18:29 - Updated: 2024-11-21 03:44

Severity

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845

References

URL	Tags
product-security@qualcomm.com	http://www.securityfocus.com/bid/107681
product-security@qualcomm.com	https://www.qualcomm.com/company/product-security/bulletins	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/107681
af854a3a-2127-422b-91ae-364da2661108	https://www.qualcomm.com/company/product-security/bulletins	Vendor Advisory

Impacted products

	Vendor	Product	Version
	qualcomm	sd_845_firmware	-
	qualcomm	sd_845	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE18BF66-B0DB-48BB-B43A-56F01821F5A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845"
    },
    {
      "lang": "es",
      "value": "Cuando el tama\u00f1o del b\u00fafer que se pasa es muy grande, se podr\u00eda omitir la comprobaci\u00f3n de l\u00edmites, lo que conduce a una potencial sobrescritura de b\u00fafer en Snapdragon Mobile en su versi\u00f3n SD 845."
    }
  ],
  "id": "CVE-2018-11879",
  "lastModified": "2024-11-21T03:44:11.713",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-29T18:29:06.840",
  "references": [
    {
      "source": "product-security@qualcomm.com",
      "url": "http://www.securityfocus.com/bid/107681"
    },
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/107681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins"
    }
  ],
  "sourceIdentifier": "product-security@qualcomm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-HF5R-CGMF-M62G

Vulnerability from github – Published: 2022-05-14 01:13 – Updated: 2022-05-14 01:13

Details

When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845

Severity

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-11879"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-29T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845",
  "id": "GHSA-hf5r-cgmf-m62g",
  "modified": "2022-05-14T01:13:40Z",
  "published": "2022-05-14T01:13:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11879"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107681"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-11879

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845

Aliases

CVE-2018-11879

Aliases

CVE-2018-11879

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-11879",
    "description": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845",
    "id": "GSD-2018-11879"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-11879"
      ],
      "details": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845",
      "id": "GSD-2018-11879",
      "modified": "2023-12-13T01:22:42.448791Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@qualcomm.com",
        "ID": "CVE-2018-11879",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Snapdragon Mobile",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "SD 845"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Qualcomm, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Integer Overflow to Buffer Overflow in WLAN"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.qualcomm.com/company/product-security/bulletins",
            "refsource": "CONFIRM",
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "name": "107681",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/107681"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security.cna@qualcomm.com",
          "ID": "CVE-2018-11879"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-190"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "107681",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/107681"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-04-03T11:29Z",
      "publishedDate": "2018-10-29T18:29Z"
    }
  }
}

VAR-201810-0527

Vulnerability from variot - Updated: 2023-12-18 12:01

When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845. Snapdragon Mobile Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-120487384, A-117119000, A-117118976, A-117118295, A-117119172, A-122473270, A-109678120, A-111093019, A-111092813, A-111089816, A-111092945, A-111092919, A-111091938, A-111093762, A-111093242, A-111090373, A-111092814, A-111093763, A-111093243, A-111089817, A-111092400, A-111090534, A-111091378, A-111092946, A-111093022, A-111093244, A-111092888, A-111093280, A-111092401, A-111093259, A-111090535, A-112279580, A-112279127, A-119049704, A-119052960, A-114042276, A-117118499, A-117119174, A-117119152, A-117118789, A-122472377, A-120483842, A-122472139 and A-122473145. Qualcomm SD 845 is a central processing unit (CPU) product of Qualcomm (Qualcomm). WLAN is one of the wireless local area network components. A buffer overflow vulnerability exists in the WLAN in the Qualcomm SD 845 (for mobile devices). A local attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0527",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sd 845",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "qualcomm",
        "version": null
      },
      {
        "model": "sd 845",
        "scope": null,
        "trust": 0.8,
        "vendor": "qualcomm",
        "version": null
      },
      {
        "model": "pixel xl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "pixel c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "pixel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "nexus player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "nexus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "9"
      },
      {
        "model": "nexus 6p",
        "scope": null,
        "trust": 0.3,
        "vendor": "google",
        "version": null
      },
      {
        "model": "nexus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "6"
      },
      {
        "model": "nexus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "5x"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "107681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported these issues.",
    "sources": [
      {
        "db": "BID",
        "id": "107681"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2018-11879",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2018-11879",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-121782",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-11879",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-11879",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201810-1415",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-121782",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-11879",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845. Snapdragon Mobile Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-120487384, A-117119000, A-117118976, A-117118295, A-117119172, A-122473270, A-109678120, A-111093019, A-111092813, A-111089816, A-111092945, A-111092919, A-111091938, A-111093762, A-111093242, A-111090373, A-111092814, A-111093763, A-111093243, A-111089817, A-111092400, A-111090534, A-111091378, A-111092946, A-111093022, A-111093244, A-111092888, A-111093280, A-111092401, A-111093259, A-111090535, A-112279580, A-112279127, A-119049704, A-119052960, A-114042276, A-117118499, A-117119174, A-117119152, A-117118789, A-122472377, A-120483842, A-122472139 and A-122473145. Qualcomm SD 845 is a central processing unit (CPU) product of Qualcomm (Qualcomm). WLAN is one of the wireless local area network components. A buffer overflow vulnerability exists in the WLAN in the Qualcomm SD 845 (for mobile devices). A local attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "BID",
        "id": "107681"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-11879"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-11879",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "107681",
        "trust": 2.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-121782",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-11879",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "db": "BID",
        "id": "107681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "id": "VAR-201810-0527",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:01:11.232000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "October 2018 Qualcomm Technologies, Inc. Security Bulletin",
        "trust": 0.8,
        "url": "https://www.qualcomm.com/company/product-security/bulletins"
      },
      {
        "title": "Qualcomm SD 845 WLAN Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86414"
      },
      {
        "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2019",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cd95df8ce79ebdc8577685322caeeedf"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-190",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/107681"
      },
      {
        "trust": 1.8,
        "url": "https://www.qualcomm.com/company/product-security/bulletins"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11879"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11879"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2019-28925"
      },
      {
        "trust": 0.4,
        "url": "https://source.android.com/security/bulletin/2019-04-01.html"
      },
      {
        "trust": 0.3,
        "url": "http://code.google.com/android/"
      },
      {
        "trust": 0.3,
        "url": "http://www.qualcomm.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/190.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "db": "BID",
        "id": "107681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "db": "BID",
        "id": "107681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "date": "2018-10-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "date": "2019-04-01T00:00:00",
        "db": "BID",
        "id": "107681"
      },
      {
        "date": "2019-01-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "date": "2018-10-29T18:29:06.840000",
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "date": "2018-10-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-04-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-121782"
      },
      {
        "date": "2019-04-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-11879"
      },
      {
        "date": "2019-04-01T00:00:00",
        "db": "BID",
        "id": "107681"
      },
      {
        "date": "2019-01-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      },
      {
        "date": "2019-04-03T11:29:04.113000",
        "db": "NVD",
        "id": "CVE-2018-11879"
      },
      {
        "date": "2019-04-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Snapdragon Mobile Integer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011438"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1415"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-11879 (GCVE-0-2018-11879)

CERTFR-2019-AVI-142

Solution

CERTFR-2019-AVI-142

Solution

FKIE_CVE-2018-11879

GHSA-HF5R-CGMF-M62G

GSD-2018-11879

VAR-201810-0527

Tags

Sightings

Nomenclature