var-201702-0393
Vulnerability from variot
Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. Samsumgandroidphone is a series of mobile phones based on the Android platform. The Samsumgandroid system service failed to handle exceptions correctly, allowing local attackers to conduct denial of service attacks by sending malicious service commands. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0393", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "mobile", scope: "eq", trust: 1.6, vendor: "samsung", version: "4.4", }, { model: "mobile", scope: "eq", trust: 1.6, vendor: "samsung", version: "6.0", }, { model: "mobile", scope: "eq", trust: 1.6, vendor: "samsung", version: "5.0", }, { model: "mobile", scope: "eq", trust: 1.6, vendor: "samsung", version: "5.1", }, { model: "mobile", scope: null, trust: 0.8, vendor: "samsung", version: null, }, { model: "android phone", scope: null, trust: 0.6, vendor: "samsung", version: null, }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "6.0", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "5.1", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "5.0", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "4.4", }, ], sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, { db: "BID", id: "96360", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "NVD", id: "CVE-2016-4547", }, { db: "CNNVD", id: "CNNVD-201605-159", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:samsung:samsung_mobile:4.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2016-4547", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vinc3nt4H of Alibaba Mobile Security Team.", sources: [ { db: "BID", id: "96360", }, ], trust: 0.3, }, cve: "CVE-2016-4547", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2016-4547", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CNVD-2016-02879", impactScore: 2.9, integrityImpact: "NONE", severity: "LOW", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2016-4547", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2016-4547", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2016-02879", trust: 0.6, value: "LOW", }, { author: "CNNVD", id: "CNNVD-201605-159", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "NVD", id: "CVE-2016-4547", }, { db: "CNNVD", id: "CNNVD-201605-159", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. Samsumgandroidphone is a series of mobile phones based on the Android platform. The Samsumgandroid system service failed to handle exceptions correctly, allowing local attackers to conduct denial of service attacks by sending malicious service commands. Multiple Samsung Android Mobile devices are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions", sources: [ { db: "NVD", id: "CVE-2016-4547", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "CNVD", id: "CNVD-2016-02879", }, { db: "BID", id: "96360", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2016-4547", trust: 3.3, }, { db: "OPENWALL", id: "OSS-SECURITY/2016/05/06/2", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2016-007542", trust: 0.8, }, { db: "CNVD", id: "CNVD-2016-02879", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201605-159", trust: 0.6, }, { db: "BID", id: "96360", trust: 0.3, }, ], sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, { db: "BID", id: "96360", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "NVD", id: "CVE-2016-4547", }, { db: "CNNVD", id: "CNNVD-201605-159", }, ], }, id: "VAR-201702-0393", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, ], trust: 1.6, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, ], }, last_update_date: "2023-12-18T13:39:04.457000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SVE-2016-5134: TvoutService_C service DoS", trust: 0.8, url: "http://security.samsungmobile.com/smrupdate.html#smr-feb-2016", }, { title: "Patch for Samsumgandroidphone Denial of Service Vulnerability (CNVD-2016-02879)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/75391", }, ], sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "NVD", id: "CVE-2016-4547", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.openwall.com/lists/oss-security/2016/05/06/2", }, { trust: 1.6, url: "http://security.samsungmobile.com/smrupdate.html#smr-feb-2016", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4547", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4547", }, { trust: 0.6, url: "http://security.samsungmobile.com/smrupdate.html#smr", }, { trust: 0.3, url: "http://www.samsung.com/", }, { trust: 0.3, url: "http://security.samsungmobile.com/smrupdate.html#smr-feb-2017", }, ], sources: [ { db: "CNVD", id: "CNVD-2016-02879", }, { db: "BID", id: "96360", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "NVD", id: "CVE-2016-4547", }, { db: "CNNVD", id: "CNNVD-201605-159", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2016-02879", }, { db: "BID", id: "96360", }, { db: "JVNDB", id: "JVNDB-2016-007542", }, { db: "NVD", id: "CVE-2016-4547", }, { db: "CNNVD", id: "CNNVD-201605-159", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-05-10T00:00:00", db: "CNVD", id: "CNVD-2016-02879", }, { date: "2017-02-13T00:00:00", db: "BID", id: "96360", }, { date: "2017-03-06T00:00:00", db: "JVNDB", id: "JVNDB-2016-007542", }, { date: "2017-02-13T18:59:00.597000", db: "NVD", id: "CVE-2016-4547", }, { date: "2015-10-30T00:00:00", db: "CNNVD", id: "CNNVD-201605-159", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-05-10T00:00:00", db: "CNVD", id: "CNVD-2016-02879", }, { date: "2017-03-07T02:06:00", db: "BID", id: "96360", }, { date: "2017-03-06T00:00:00", db: "JVNDB", id: "JVNDB-2016-007542", }, { date: "2017-02-16T13:40:22.777000", db: "NVD", id: "CVE-2016-4547", }, { date: "2016-05-06T00:00:00", db: "CNNVD", id: "CNNVD-201605-159", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201605-159", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Android Equipped Samsung Service operation interruption in device products (DoS) Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2016-007542", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation", sources: [ { db: "CNNVD", id: "CNNVD-201605-159", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.