Search

Find a vulnerability

Search criteria

    52 vulnerabilities found for eudora by qualcomm

    VAR-201911-1185

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem.

    There are input validation error vulnerabilities in Audio in many Qualcomm products. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1185",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "615/16"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "405"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "600"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9150"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9615"
          },
          {
            "model": "eudora",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          }
        ]
      },
      "cve": "CVE-2019-2331",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2331",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20154",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2331",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2331",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2331",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2331",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20154",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-127",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem. \n\r\n\r\nThere are input validation error vulnerabilities in Audio in many Qualcomm products. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2331",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "id": "VAR-201911-1185",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:34.897000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20154)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211533"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97889"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2331"
          },
          {
            "trust": 1.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2331"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-09-01"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "date": "2019-11-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          },
          {
            "date": "2019-11-06T17:15:13.877000",
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20154"
          },
          {
            "date": "2019-11-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          },
          {
            "date": "2019-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          },
          {
            "date": "2024-11-21T04:40:43.777000",
            "db": "NVD",
            "id": "CVE-2019-2331"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011587"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-127"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1434

    Vulnerability from variot - Updated: 2024-11-23 22:55

    Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem.

    Many Qualcomm products have input validation error vulnerabilities, and no detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1434",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9150"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "eudora",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          }
        ]
      },
      "cve": "CVE-2019-2283",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2283",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20152",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2283",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2283",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2283",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2283",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20152",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-120",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-2283",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem. \n\r\n\r\nMany Qualcomm products have input validation error vulnerabilities, and no detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2283"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2283",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2283",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "id": "VAR-201911-1434",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:55:20.582000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20152)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211523"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97882"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-125",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2283"
          },
          {
            "trust": 1.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2283"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-09-01"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/125.html"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "date": "2019-11-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-2283"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          },
          {
            "date": "2019-11-06T17:15:13.487000",
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20152"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-2283"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          },
          {
            "date": "2019-11-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          },
          {
            "date": "2024-11-21T04:40:36.840000",
            "db": "NVD",
            "id": "CVE-2019-2283"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011673"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-120"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1177

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a vulnerability related to the use of uninitialized resources.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem.

    Input validation error vulnerability exists in HLOS in many Qualcomm products. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1177",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "405"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9150"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "sdm4",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm4",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm4",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "43"
          },
          {
            "model": "eudora",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          }
        ]
      },
      "cve": "CVE-2019-2323",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2323",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20161",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2323",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2323",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2323",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2323",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20161",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-155",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a vulnerability related to the use of uninitialized resources.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem. \n\r\n\r\nInput validation error vulnerability exists in HLOS in many Qualcomm products. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2323",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "id": "VAR-201911-1177",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:11.930000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20161)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211537"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97917"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-1187",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2323"
          },
          {
            "trust": 1.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2323"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-09-01"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "date": "2019-11-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          },
          {
            "date": "2019-11-06T17:15:13.690000",
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20161"
          },
          {
            "date": "2019-11-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          },
          {
            "date": "2019-11-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          },
          {
            "date": "2024-11-21T04:40:42.527000",
            "db": "NVD",
            "id": "CVE-2019-2323"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerabilities related to the use of uninitialized resources in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011670"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-155"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1433

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607, etc. are all products of Qualcomm. MDM9607 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem.

    MMCP in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data, and there is currently no detailed vulnerability details provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1433",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "615/16"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9150"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9615"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "2016"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9625"
          },
          {
            "model": "mdm 9635m",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9655"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          },
          {
            "model": "eudora",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "heidada",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-2258",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2258",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20150",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2258",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2258",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2258",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2258",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20150",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-123",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607, etc. are all products of Qualcomm. MDM9607 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem. \n\r\n\r\nMMCP in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data, and there is currently no detailed vulnerability details provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2258",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "id": "VAR-201911-1433",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:47.136000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20150)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211527"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97885"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2258"
          },
          {
            "trust": 1.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2258"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-09-01"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          },
          {
            "date": "2019-11-06T17:15:13.330000",
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20150"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          },
          {
            "date": "2019-11-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          },
          {
            "date": "2024-11-21T04:40:33.563000",
            "db": "NVD",
            "id": "CVE-2019-2258"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to array index verification in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011676"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-123"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1425

    Vulnerability from variot - Updated: 2024-11-23 22:21

    Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081, QCS605, SD 427, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9650 is a central processing unit (CPU) product of Qualcomm.

    The Kernel in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1425",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "2016"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8074"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9205"
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8081"
          },
          {
            "model": "eudora",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca8081_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_636_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          }
        ]
      },
      "cve": "CVE-2019-2249",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2249",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20149",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2249",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2249",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2249",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2249",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20149",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-124",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081, QCS605, SD 427, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9650 is a central processing unit (CPU) product of Qualcomm. \n\r\n\r\nThe Kernel in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2249",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "id": "VAR-201911-1425",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:24.025000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20149)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211529"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97886"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2249"
          },
          {
            "trust": 1.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2249"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-09-01"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          },
          {
            "date": "2019-11-06T17:15:13.267000",
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20149"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          },
          {
            "date": "2019-11-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          },
          {
            "date": "2024-11-21T04:40:32.140000",
            "db": "NVD",
            "id": "CVE-2019-2249"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product out-of-bounds vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011677"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-124"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1430

    Vulnerability from variot - Updated: 2024-11-23 22:16

    While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains an input validation vulnerability.Information may be obtained. Qualcomm MDM9206 is a central processing unit (CPU) product of Qualcomm.

    Many Qualcomm products have input validation error vulnerabilities, which can be exploited by attackers to cause buffer overflows or heap overflows

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1430",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9150"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9205"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "2016"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "404"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "410/12"
          },
          {
            "model": "eudora",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs404_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          }
        ]
      },
      "cve": "CVE-2019-2275",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2275",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-20151",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2275",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2275",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2275",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2275",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20151",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-122",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains an input validation vulnerability.Information may be obtained. Qualcomm MDM9206 is a central processing unit (CPU) product of Qualcomm. \n\r\n\r\nMany Qualcomm products have input validation error vulnerabilities, which can be exploited by attackers to cause buffer overflows or heap overflows",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2275",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "id": "VAR-201911-1430",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:16:46.300000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-20151)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211525"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97884"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2275"
          },
          {
            "trust": 1.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2275"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-09-01"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          },
          {
            "date": "2019-11-06T17:15:13.410000",
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20151"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          },
          {
            "date": "2020-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          },
          {
            "date": "2024-11-21T04:40:35.850000",
            "db": "NVD",
            "id": "CVE-2019-2275"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to input validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011674"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-122"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2002-2351 (GCVE-0-2002-2351)

    Vulnerability from cvelistv5 – Published: 2007-10-29 19:00 – Updated: 2024-09-16 21:08
    VLAI
    Summary
    Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:59:11.886Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5432",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5432"
              },
              {
                "name": "20020807 Eudora attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing \".\" (dot)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-29T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5432",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5432"
            },
            {
              "name": "20020807 Eudora attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-2351",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing \".\" (dot)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5432",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5432"
                },
                {
                  "name": "20020807 Eudora attachment spoof",
                  "refsource": "BUGTRAQ",
                  "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
                },
                {
                  "name": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-2351",
        "datePublished": "2007-10-29T19:00:00.000Z",
        "dateReserved": "2007-10-29T00:00:00.000Z",
        "dateUpdated": "2024-09-16T21:08:11.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-2313 (GCVE-0-2002-2313)

    Vulnerability from cvelistv5 – Published: 2007-10-26 19:00 – Updated: 2024-09-16 22:56
    VLAI
    Summary
    Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.iss.net/security_center/static/9654.php vdb-entryx_refsource_XF
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:59:12.048Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020724 REFRESH: EUDORA MAIL 5.1.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html"
              },
              {
                "name": "eudora-mhtml-execute-files(9654)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9654.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora email client 5.1.1, with \"use Microsoft viewer\" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-26T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020724 REFRESH: EUDORA MAIL 5.1.1",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html"
            },
            {
              "name": "eudora-mhtml-execute-files(9654)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9654.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-2313",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora email client 5.1.1, with \"use Microsoft viewer\" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020724 REFRESH: EUDORA MAIL 5.1.1",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html"
                },
                {
                  "name": "eudora-mhtml-execute-files(9654)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9654.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-2313",
        "datePublished": "2007-10-26T19:00:00.000Z",
        "dateReserved": "2007-10-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:56:28.032Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3166 (GCVE-0-2007-3166)

    Vulnerability from cvelistv5 – Published: 2007-06-11 22:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/4014 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/36197 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24251 vdb-entryx_refsource_BID
    Date Public
    2007-05-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:29.266Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4014",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4014"
              },
              {
                "name": "eudora-imap-command-execution(34625)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625"
              },
              {
                "name": "36197",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36197"
              },
              {
                "name": "24251",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24251"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4014",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4014"
            },
            {
              "name": "eudora-imap-command-execution(34625)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625"
            },
            {
              "name": "36197",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36197"
            },
            {
              "name": "24251",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24251"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3166",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4014",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4014"
                },
                {
                  "name": "eudora-imap-command-execution(34625)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625"
                },
                {
                  "name": "36197",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36197"
                },
                {
                  "name": "24251",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24251"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3166",
        "datePublished": "2007-06-11T22:00:00.000Z",
        "dateReserved": "2007-06-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:29.266Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2770 (GCVE-0-2007-2770)

    Vulnerability from cvelistv5 – Published: 2007-05-21 21:00 – Updated: 2024-08-07 13:49
    VLAI
    Summary
    Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply. NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3934 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/36198 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/25282 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-05-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:49:57.411Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3934",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3934"
              },
              {
                "name": "eudora-smtp-server-bo(34324)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34324"
              },
              {
                "name": "36198",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36198"
              },
              {
                "name": "25282",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25282"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply.  NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3934",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3934"
            },
            {
              "name": "eudora-smtp-server-bo(34324)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34324"
            },
            {
              "name": "36198",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36198"
            },
            {
              "name": "25282",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25282"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply.  NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3934",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3934"
                },
                {
                  "name": "eudora-smtp-server-bo(34324)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34324"
                },
                {
                  "name": "36198",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36198"
                },
                {
                  "name": "25282",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25282"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2770",
        "datePublished": "2007-05-21T21:00:00.000Z",
        "dateReserved": "2007-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:49:57.411Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1770 (GCVE-0-2002-1770)

    Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 03:34
    VLAI
    Summary
    Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:34:56.202Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "msviewer-tvideo-execute-attachment(8609)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8609"
              },
              {
                "name": "2002032 Automatically opening IE + Executing attachments",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=101680201823534\u0026w=2"
              },
              {
                "name": "2002032 Automatically opening IE + Executing attachments",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101680576827641\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.greymagic.com/adv/gm002-ie/"
              },
              {
                "name": "4343",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4343"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "msviewer-tvideo-execute-attachment(8609)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8609"
            },
            {
              "name": "2002032 Automatically opening IE + Executing attachments",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=101680201823534\u0026w=2"
            },
            {
              "name": "2002032 Automatically opening IE + Executing attachments",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101680576827641\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.greymagic.com/adv/gm002-ie/"
            },
            {
              "name": "4343",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4343"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "msviewer-tvideo-execute-attachment(8609)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8609"
                },
                {
                  "name": "2002032 Automatically opening IE + Executing attachments",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=101680201823534\u0026w=2"
                },
                {
                  "name": "2002032 Automatically opening IE + Executing attachments",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101680576827641\u0026w=2"
                },
                {
                  "name": "http://security.greymagic.com/adv/gm002-ie/",
                  "refsource": "MISC",
                  "url": "http://security.greymagic.com/adv/gm002-ie/"
                },
                {
                  "name": "4343",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4343"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1770",
        "datePublished": "2005-06-21T04:00:00.000Z",
        "dateReserved": "2005-06-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:34:56.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1944 (GCVE-0-2004-1944)

    Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:07
    VLAI
    Summary
    Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/10137 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/11360 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=108241694627321&w=2 mailing-listx_refsource_BUGTRAQ
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    Date Public
    2004-04-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:07:49.165Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10137",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10137"
              },
              {
                "name": "eudora-mime-message-dos(15857)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15857"
              },
              {
                "name": "11360",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11360"
              },
              {
                "name": "20040419 Eudora 6.1 is evil",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108241694627321\u0026w=2"
              },
              {
                "name": "20040414 Eudora 6.0.3 nested MIME DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020075.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-04-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10137",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10137"
            },
            {
              "name": "eudora-mime-message-dos(15857)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15857"
            },
            {
              "name": "11360",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11360"
            },
            {
              "name": "20040419 Eudora 6.1 is evil",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108241694627321\u0026w=2"
            },
            {
              "name": "20040414 Eudora 6.0.3 nested MIME DoS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020075.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1944",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10137",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10137"
                },
                {
                  "name": "eudora-mime-message-dos(15857)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15857"
                },
                {
                  "name": "11360",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11360"
                },
                {
                  "name": "20040419 Eudora 6.1 is evil",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108241694627321\u0026w=2"
                },
                {
                  "name": "20040414 Eudora 6.0.3 nested MIME DoS",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020075.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1944",
        "datePublished": "2005-05-10T04:00:00.000Z",
        "dateReserved": "2005-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:07:49.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2005 (GCVE-0-2004-2005)

    Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
    VLAI
    Summary
    Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.eudora.com/download/eudora/windows/6.1… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/10298 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=108395487628044&w=2 mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/11568 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://lists.netsys.com/pipermail/full-disclosure… mailing-listx_refsource_FULLDISC
    Date Public
    2004-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.049Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt"
              },
              {
                "name": "10298",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10298"
              },
              {
                "name": "20040507 Eudora file URL buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108395487628044\u0026w=2"
              },
              {
                "name": "11568",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11568"
              },
              {
                "name": "eudora-long-url-bo(16086)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16086"
              },
              {
                "name": "20040507 Eudora file URL buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.netsys.com/pipermail/full-disclosure/2004-May/021059.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt"
            },
            {
              "name": "10298",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10298"
            },
            {
              "name": "20040507 Eudora file URL buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108395487628044\u0026w=2"
            },
            {
              "name": "11568",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11568"
            },
            {
              "name": "eudora-long-url-bo(16086)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16086"
            },
            {
              "name": "20040507 Eudora file URL buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.netsys.com/pipermail/full-disclosure/2004-May/021059.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2005",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt"
                },
                {
                  "name": "10298",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10298"
                },
                {
                  "name": "20040507 Eudora file URL buffer overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108395487628044\u0026w=2"
                },
                {
                  "name": "11568",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11568"
                },
                {
                  "name": "eudora-long-url-bo(16086)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16086"
                },
                {
                  "name": "20040507 Eudora file URL buffer overflow",
                  "refsource": "FULLDISC",
                  "url": "http://lists.netsys.com/pipermail/full-disclosure/2004-May/021059.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2005",
        "datePublished": "2005-05-10T04:00:00.000Z",
        "dateReserved": "2005-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:15:01.049Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1521 (GCVE-0-2004-1521)

    Vulnerability from cvelistv5 – Published: 2005-02-19 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-11-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:24.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041113 Eudora 6.2 attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=110053102601655\u0026w=2"
              },
              {
                "name": "eudora-base64-attach-spoof-variant(18064)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18064"
              },
              {
                "name": "20041113 Eudora 6.2 attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110037078519691\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed \"Converted\" headers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041113 Eudora 6.2 attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=110053102601655\u0026w=2"
            },
            {
              "name": "eudora-base64-attach-spoof-variant(18064)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18064"
            },
            {
              "name": "20041113 Eudora 6.2 attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110037078519691\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1521",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed \"Converted\" headers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041113 Eudora 6.2 attachment spoof",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=110053102601655\u0026w=2"
                },
                {
                  "name": "eudora-base64-attach-spoof-variant(18064)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18064"
                },
                {
                  "name": "20041113 Eudora 6.2 attachment spoof",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110037078519691\u0026w=2"
                },
                {
                  "name": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1521",
        "datePublished": "2005-02-19T05:00:00.000Z",
        "dateReserved": "2005-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:24.118Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0376 (GCVE-0-2003-0376)

    Vulnerability from cvelistv5 – Published: 2003-06-06 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105370625529452&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.721Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030523 Eudora 5.2.1 buffer overflow DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105370625529452\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030523 Eudora 5.2.1 buffer overflow DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105370625529452\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0376",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030523 Eudora 5.2.1 buffer overflow DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105370625529452\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0376",
        "datePublished": "2003-06-06T04:00:00.000Z",
        "dateReserved": "2003-06-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.721Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0336 (GCVE-0-2003-0336)

    Vulnerability from cvelistv5 – Published: 2003-05-23 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105362278914731&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.334Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030522 Eudora 5.2.1 attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105362278914731\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed \"Attachment Converted:\" string, which is not properly handled by Eudora."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030522 Eudora 5.2.1 attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105362278914731\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0336",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed \"Attachment Converted:\" string, which is not properly handled by Eudora."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030522 Eudora 5.2.1 attachment spoof",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105362278914731\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0336",
        "datePublished": "2003-05-23T04:00:00.000Z",
        "dateReserved": "2003-05-22T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.334Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0302 (GCVE-0-2003-0302)

    Vulnerability from cvelistv5 – Published: 2003-05-15 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105294024124163&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.730Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030514 Buffer overflows in multiple IMAP clients",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030514 Buffer overflows in multiple IMAP clients",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0302",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030514 Buffer overflows in multiple IMAP clients",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0302",
        "datePublished": "2003-05-15T04:00:00.000Z",
        "dateReserved": "2003-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.730Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0300 (GCVE-0-2003-0300)

    Vulnerability from cvelistv5 – Published: 2003-05-15 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105294024124163&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.085Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030514 Buffer overflows in multiple IMAP clients",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030514 Buffer overflows in multiple IMAP clients",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0300",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030514 Buffer overflows in multiple IMAP clients",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0300",
        "datePublished": "2003-05-15T04:00:00.000Z",
        "dateReserved": "2003-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.085Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3166 (GCVE-0-2007-3166)

    Vulnerability from nvd – Published: 2007-06-11 22:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/4014 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/36197 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24251 vdb-entryx_refsource_BID
    Date Public
    2007-05-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:29.266Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4014",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4014"
              },
              {
                "name": "eudora-imap-command-execution(34625)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625"
              },
              {
                "name": "36197",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36197"
              },
              {
                "name": "24251",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24251"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4014",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4014"
            },
            {
              "name": "eudora-imap-command-execution(34625)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625"
            },
            {
              "name": "36197",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36197"
            },
            {
              "name": "24251",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24251"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3166",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4014",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4014"
                },
                {
                  "name": "eudora-imap-command-execution(34625)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625"
                },
                {
                  "name": "36197",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36197"
                },
                {
                  "name": "24251",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24251"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3166",
        "datePublished": "2007-06-11T22:00:00.000Z",
        "dateReserved": "2007-06-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:29.266Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2770 (GCVE-0-2007-2770)

    Vulnerability from nvd – Published: 2007-05-21 21:00 – Updated: 2024-08-07 13:49
    VLAI
    Summary
    Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply. NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3934 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/36198 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/25282 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-05-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:49:57.411Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3934",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3934"
              },
              {
                "name": "eudora-smtp-server-bo(34324)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34324"
              },
              {
                "name": "36198",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36198"
              },
              {
                "name": "25282",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25282"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply.  NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3934",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3934"
            },
            {
              "name": "eudora-smtp-server-bo(34324)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34324"
            },
            {
              "name": "36198",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36198"
            },
            {
              "name": "25282",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25282"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply.  NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3934",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3934"
                },
                {
                  "name": "eudora-smtp-server-bo(34324)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34324"
                },
                {
                  "name": "36198",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36198"
                },
                {
                  "name": "25282",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25282"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2770",
        "datePublished": "2007-05-21T21:00:00.000Z",
        "dateReserved": "2007-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:49:57.411Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1521 (GCVE-0-2004-1521)

    Vulnerability from nvd – Published: 2005-02-19 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-11-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:24.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041113 Eudora 6.2 attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=110053102601655\u0026w=2"
              },
              {
                "name": "eudora-base64-attach-spoof-variant(18064)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18064"
              },
              {
                "name": "20041113 Eudora 6.2 attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110037078519691\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed \"Converted\" headers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041113 Eudora 6.2 attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=110053102601655\u0026w=2"
            },
            {
              "name": "eudora-base64-attach-spoof-variant(18064)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18064"
            },
            {
              "name": "20041113 Eudora 6.2 attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110037078519691\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1521",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed \"Converted\" headers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041113 Eudora 6.2 attachment spoof",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=110053102601655\u0026w=2"
                },
                {
                  "name": "eudora-base64-attach-spoof-variant(18064)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18064"
                },
                {
                  "name": "20041113 Eudora 6.2 attachment spoof",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110037078519691\u0026w=2"
                },
                {
                  "name": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.nl/0411-exploits/eudora62014.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1521",
        "datePublished": "2005-02-19T05:00:00.000Z",
        "dateReserved": "2005-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:24.118Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2005 (GCVE-0-2004-2005)

    Vulnerability from nvd – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
    VLAI
    Summary
    Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.eudora.com/download/eudora/windows/6.1… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/10298 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=108395487628044&w=2 mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/11568 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://lists.netsys.com/pipermail/full-disclosure… mailing-listx_refsource_FULLDISC
    Date Public
    2004-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.049Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt"
              },
              {
                "name": "10298",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10298"
              },
              {
                "name": "20040507 Eudora file URL buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108395487628044\u0026w=2"
              },
              {
                "name": "11568",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11568"
              },
              {
                "name": "eudora-long-url-bo(16086)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16086"
              },
              {
                "name": "20040507 Eudora file URL buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.netsys.com/pipermail/full-disclosure/2004-May/021059.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt"
            },
            {
              "name": "10298",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10298"
            },
            {
              "name": "20040507 Eudora file URL buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108395487628044\u0026w=2"
            },
            {
              "name": "11568",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11568"
            },
            {
              "name": "eudora-long-url-bo(16086)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16086"
            },
            {
              "name": "20040507 Eudora file URL buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.netsys.com/pipermail/full-disclosure/2004-May/021059.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2005",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt"
                },
                {
                  "name": "10298",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10298"
                },
                {
                  "name": "20040507 Eudora file URL buffer overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108395487628044\u0026w=2"
                },
                {
                  "name": "11568",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11568"
                },
                {
                  "name": "eudora-long-url-bo(16086)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16086"
                },
                {
                  "name": "20040507 Eudora file URL buffer overflow",
                  "refsource": "FULLDISC",
                  "url": "http://lists.netsys.com/pipermail/full-disclosure/2004-May/021059.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2005",
        "datePublished": "2005-05-10T04:00:00.000Z",
        "dateReserved": "2005-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:15:01.049Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1944 (GCVE-0-2004-1944)

    Vulnerability from nvd – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:07
    VLAI
    Summary
    Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/10137 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/11360 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=108241694627321&w=2 mailing-listx_refsource_BUGTRAQ
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    Date Public
    2004-04-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:07:49.165Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10137",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10137"
              },
              {
                "name": "eudora-mime-message-dos(15857)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15857"
              },
              {
                "name": "11360",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11360"
              },
              {
                "name": "20040419 Eudora 6.1 is evil",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108241694627321\u0026w=2"
              },
              {
                "name": "20040414 Eudora 6.0.3 nested MIME DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020075.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-04-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10137",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10137"
            },
            {
              "name": "eudora-mime-message-dos(15857)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15857"
            },
            {
              "name": "11360",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11360"
            },
            {
              "name": "20040419 Eudora 6.1 is evil",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108241694627321\u0026w=2"
            },
            {
              "name": "20040414 Eudora 6.0.3 nested MIME DoS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020075.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1944",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10137",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10137"
                },
                {
                  "name": "eudora-mime-message-dos(15857)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15857"
                },
                {
                  "name": "11360",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11360"
                },
                {
                  "name": "20040419 Eudora 6.1 is evil",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108241694627321\u0026w=2"
                },
                {
                  "name": "20040414 Eudora 6.0.3 nested MIME DoS",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020075.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1944",
        "datePublished": "2005-05-10T04:00:00.000Z",
        "dateReserved": "2005-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:07:49.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0302 (GCVE-0-2003-0302)

    Vulnerability from nvd – Published: 2003-05-15 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105294024124163&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.730Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030514 Buffer overflows in multiple IMAP clients",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030514 Buffer overflows in multiple IMAP clients",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0302",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030514 Buffer overflows in multiple IMAP clients",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0302",
        "datePublished": "2003-05-15T04:00:00.000Z",
        "dateReserved": "2003-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.730Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0376 (GCVE-0-2003-0376)

    Vulnerability from nvd – Published: 2003-06-06 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105370625529452&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.721Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030523 Eudora 5.2.1 buffer overflow DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105370625529452\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030523 Eudora 5.2.1 buffer overflow DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105370625529452\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0376",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030523 Eudora 5.2.1 buffer overflow DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105370625529452\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0376",
        "datePublished": "2003-06-06T04:00:00.000Z",
        "dateReserved": "2003-06-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.721Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0300 (GCVE-0-2003-0300)

    Vulnerability from nvd – Published: 2003-05-15 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105294024124163&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.085Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030514 Buffer overflows in multiple IMAP clients",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030514 Buffer overflows in multiple IMAP clients",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0300",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030514 Buffer overflows in multiple IMAP clients",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0300",
        "datePublished": "2003-05-15T04:00:00.000Z",
        "dateReserved": "2003-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.085Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0336 (GCVE-0-2003-0336)

    Vulnerability from nvd – Published: 2003-05-23 04:00 – Updated: 2024-08-08 01:50
    VLAI
    Summary
    Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=105362278914731&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-05-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:50:47.334Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030522 Eudora 5.2.1 attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=105362278914731\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-05-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed \"Attachment Converted:\" string, which is not properly handled by Eudora."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030522 Eudora 5.2.1 attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=105362278914731\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0336",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed \"Attachment Converted:\" string, which is not properly handled by Eudora."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030522 Eudora 5.2.1 attachment spoof",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=105362278914731\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0336",
        "datePublished": "2003-05-23T04:00:00.000Z",
        "dateReserved": "2003-05-22T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:50:47.334Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1770 (GCVE-0-2002-1770)

    Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 03:34
    VLAI
    Summary
    Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:34:56.202Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "msviewer-tvideo-execute-attachment(8609)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8609"
              },
              {
                "name": "2002032 Automatically opening IE + Executing attachments",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=101680201823534\u0026w=2"
              },
              {
                "name": "2002032 Automatically opening IE + Executing attachments",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101680576827641\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://security.greymagic.com/adv/gm002-ie/"
              },
              {
                "name": "4343",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4343"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "msviewer-tvideo-execute-attachment(8609)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8609"
            },
            {
              "name": "2002032 Automatically opening IE + Executing attachments",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=101680201823534\u0026w=2"
            },
            {
              "name": "2002032 Automatically opening IE + Executing attachments",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101680576827641\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://security.greymagic.com/adv/gm002-ie/"
            },
            {
              "name": "4343",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4343"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "msviewer-tvideo-execute-attachment(8609)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8609"
                },
                {
                  "name": "2002032 Automatically opening IE + Executing attachments",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=101680201823534\u0026w=2"
                },
                {
                  "name": "2002032 Automatically opening IE + Executing attachments",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101680576827641\u0026w=2"
                },
                {
                  "name": "http://security.greymagic.com/adv/gm002-ie/",
                  "refsource": "MISC",
                  "url": "http://security.greymagic.com/adv/gm002-ie/"
                },
                {
                  "name": "4343",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4343"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1770",
        "datePublished": "2005-06-21T04:00:00.000Z",
        "dateReserved": "2005-06-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:34:56.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-2351 (GCVE-0-2002-2351)

    Vulnerability from nvd – Published: 2007-10-29 19:00 – Updated: 2024-09-16 21:08
    VLAI
    Summary
    Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:59:11.886Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5432",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5432"
              },
              {
                "name": "20020807 Eudora attachment spoof",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing \".\" (dot)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-29T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5432",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5432"
            },
            {
              "name": "20020807 Eudora attachment spoof",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-2351",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing \".\" (dot)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5432",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5432"
                },
                {
                  "name": "20020807 Eudora attachment spoof",
                  "refsource": "BUGTRAQ",
                  "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
                },
                {
                  "name": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-2351",
        "datePublished": "2007-10-29T19:00:00.000Z",
        "dateReserved": "2007-10-29T00:00:00.000Z",
        "dateUpdated": "2024-09-16T21:08:11.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-2313 (GCVE-0-2002-2313)

    Vulnerability from nvd – Published: 2007-10-26 19:00 – Updated: 2024-09-16 22:56
    VLAI
    Summary
    Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.iss.net/security_center/static/9654.php vdb-entryx_refsource_XF
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:59:12.048Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020724 REFRESH: EUDORA MAIL 5.1.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html"
              },
              {
                "name": "eudora-mhtml-execute-files(9654)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9654.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Eudora email client 5.1.1, with \"use Microsoft viewer\" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-26T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020724 REFRESH: EUDORA MAIL 5.1.1",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html"
            },
            {
              "name": "eudora-mhtml-execute-files(9654)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9654.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-2313",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Eudora email client 5.1.1, with \"use Microsoft viewer\" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020724 REFRESH: EUDORA MAIL 5.1.1",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html"
                },
                {
                  "name": "eudora-mhtml-execute-files(9654)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9654.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-2313",
        "datePublished": "2007-10-26T19:00:00.000Z",
        "dateReserved": "2007-10-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:56:28.032Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }