Vulnerability-Lookup

CVE-2017-15325 (GCVE-0-2017-15325)

Vulnerability from cvelistv5 – Published: 2018-03-23 16:00 – Updated: 2024-09-17 04:14

Summary

Severity ?

No CVSS data available.

CWE

integer overflow

Assigner

huawei

References

URL

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	Prague	Affected: Versions earlier than Prague-AL00AC00B211, Versions earlier than Prague-AL00BC00B211, Versions earlier than Prague-AL00CC00B211, Versions earlier than Prague-TL00AC01B211, Versions earlier than Prague-TL10AC01B211

GHSA-JJGP-JXFQ-2W96

Vulnerability from github – Published: 2022-05-14 03:30 – Updated: 2022-05-14 03:30

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-15325"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-23T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.",
  "id": "GHSA-jjgp-jxfq-2w96",
  "modified": "2022-05-14T03:30:39Z",
  "published": "2022-05-14T03:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15325"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2017-15325

Vulnerability from fkie_nvd - Published: 2018-03-23 16:29 - Updated: 2024-11-21 03:14

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	prague-al00a_firmware	*
huawei	prague-al00a	-
huawei	prague-al00b_firmware	*
huawei	prague-al00b	-
huawei	prague-al00c_firmware	*
huawei	prague-al00c	-
huawei	prague-tl00a_firmware	*
huawei	prague-tl00a	-
huawei	prague-tl10a_firmware	*
huawei	prague-tl10a	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:prague-al00a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0489925C-DCD2-4D82-B971-ADD451543B78",
              "versionEndExcluding": "prague-al00ac00b211",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:prague-al00a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04E54AE0-CB98-47D2-AF52-516EADEF1F5D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:prague-al00b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97CF66D-BF8A-49FC-B972-B9ECD8617CFD",
              "versionEndExcluding": "prague-al00bc00b211",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:prague-al00b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3C5A77-355C-4797-8B3F-706C9A7C2F1C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:prague-al00c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D317F9D8-F9CE-4404-961C-FCB924CEA769",
              "versionEndExcluding": "prague-al00cc00b211",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:prague-al00c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BB6D0A-0545-456D-85CC-9A302BAC9A0E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:prague-tl00a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA4B09A2-5E22-428F-9377-5DD800D60A1F",
              "versionEndExcluding": "prague-tl00ac01b211",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:prague-tl00a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "338F548C-DA7E-4EA4-9D54-7DDF1D5F99B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:prague-tl10a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A738D9B3-8D29-4F18-82CE-4CB882525D2D",
              "versionEndExcluding": "prague-tl10ac01b211",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:prague-tl10a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F248688D-F679-42E9-BAA4-34187D5EC5F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "El controlador Bdat de determinados smartphones Prague con versiones de software anteriores a Prague-AL00BC00B211, Prague-AL00BC00B205, Prague-AL00CC00B211, Prague-TL00AC01B211 y Prague-TL10AC01B211 tiene una vulnerabilidad de desbordamiento de enteros debido a la falta de validaci\u00f3n de par\u00e1metros. Un atacante enga\u00f1a a un usuario para que instale una app maliciosa y la ejecute con un privilegio espec\u00edfico. La app podr\u00eda entonces enviar un par\u00e1metro espec\u00edfico al controlador del smartphone, provocando la ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2017-15325",
  "lastModified": "2024-11-21T03:14:28.067",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-23T16:29:00.130",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2017-15325

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2017-15325

Aliases

CVE-2017-15325

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-15325",
    "description": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.",
    "id": "GSD-2017-15325"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-15325"
      ],
      "details": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution.",
      "id": "GSD-2017-15325",
      "modified": "2023-12-13T01:20:58.860614Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "DATE_PUBLIC": "2018-03-21T00:00:00",
        "ID": "CVE-2017-15325",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Prague",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Versions earlier than Prague-AL00AC00B211, Versions earlier than Prague-AL00BC00B211, Versions earlier than Prague-AL00CC00B211, Versions earlier than Prague-TL00AC01B211, Versions earlier than Prague-TL10AC01B211"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Huawei Technologies Co., Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "integer overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:prague-al00a_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "prague-al00ac00b211",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:prague-al00a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:prague-al00b_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "prague-al00bc00b211",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:prague-al00b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:prague-al00c_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "prague-al00cc00b211",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:prague-al00c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:prague-tl00a_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "prague-tl00ac01b211",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:prague-tl00a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:prague-tl10a_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "prague-tl10ac01b211",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:prague-tl10a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-15325"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-190"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-04-19T14:02Z",
      "publishedDate": "2018-03-23T16:29Z"
    }
  }
}

CNVD-2018-06067

Vulnerability from cnvd - Published: 2018-03-22

Title

Huawei荣耀8 Bdat驱动整数溢出漏洞

Description

Huawei荣耀8青春版是一款智能手机设备。 Huawei荣耀8青春版Bdat驱动存在整数溢出漏洞。由于缺少参数检查，攻击者可利用漏洞诱使用户安装一个恶意应用并以特权执行，向手机驱动中发送特定参数，导致任意代码执行。

Severity

高

Patch Name

Huawei荣耀8 Bdat驱动整数溢出漏洞的补丁

Patch Description

Huawei荣耀8青春版是一款智能手机设备。 Huawei荣耀8青春版Bdat驱动存在整数溢出漏洞。由于缺少参数检查，攻击者可利用漏洞诱使用户安装一个恶意应用并以特权执行，向手机驱动中发送特定参数，导致任意代码执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180321-01-smartphone-cn

Reference

http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180321-01-smartphone-cn

Impacted products

Name
['Huawei 荣耀8青春版 <=Prague-AL00AC00B211', 'Huawei 荣耀8青春版 <=Prague-AL00BC00B211', 'Huawei 荣耀8青春版 <=Prague-AL00CC00B211', 'Huawei 荣耀8青春版 <=Prague-TL00AC01B211', 'Huawei 荣耀8青春版 <=Prague-TL10AC01B211']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-15325"
    }
  },
  "description": "Huawei\u8363\u80008\u9752\u6625\u7248\u662f\u4e00\u6b3e\u667a\u80fd\u624b\u673a\u8bbe\u5907\u3002\r\n\r\nHuawei\u8363\u80008\u9752\u6625\u7248Bdat\u9a71\u52a8\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u3002\u7531\u4e8e\u7f3a\u5c11\u53c2\u6570\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8bf1\u4f7f\u7528\u6237\u5b89\u88c5\u4e00\u4e2a\u6076\u610f\u5e94\u7528\u5e76\u4ee5\u7279\u6743\u6267\u884c\uff0c\u5411\u624b\u673a\u9a71\u52a8\u4e2d\u53d1\u9001\u7279\u5b9a\u53c2\u6570\uff0c\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180321-01-smartphone-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-06067",
  "openTime": "2018-03-22",
  "patchDescription": "Huawei\u8363\u80008\u9752\u6625\u7248\u662f\u4e00\u6b3e\u667a\u80fd\u624b\u673a\u8bbe\u5907\u3002\r\n\r\nHuawei\u8363\u80008\u9752\u6625\u7248Bdat\u9a71\u52a8\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u3002\u7531\u4e8e\u7f3a\u5c11\u53c2\u6570\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8bf1\u4f7f\u7528\u6237\u5b89\u88c5\u4e00\u4e2a\u6076\u610f\u5e94\u7528\u5e76\u4ee5\u7279\u6743\u6267\u884c\uff0c\u5411\u624b\u673a\u9a71\u52a8\u4e2d\u53d1\u9001\u7279\u5b9a\u53c2\u6570\uff0c\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei\u8363\u80008 Bdat\u9a71\u52a8\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei \u8363\u80008\u9752\u6625\u7248 \u003c=Prague-AL00AC00B211",
      "Huawei \u8363\u80008\u9752\u6625\u7248 \u003c=Prague-AL00BC00B211",
      "Huawei \u8363\u80008\u9752\u6625\u7248 \u003c=Prague-AL00CC00B211",
      "Huawei \u8363\u80008\u9752\u6625\u7248 \u003c=Prague-TL00AC01B211",
      "Huawei \u8363\u80008\u9752\u6625\u7248 \u003c=Prague-TL10AC01B211"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180321-01-smartphone-cn",
  "serverity": "\u9ad8",
  "submitTime": "2018-03-22",
  "title": "Huawei\u8363\u80008 Bdat\u9a71\u52a8\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e"
}

VAR-201803-1313

Vulnerability from variot - Updated: 2024-11-23 22:12

The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. Huawei Smart Phone Software contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei Glory 8 Youth Edition is a smart phone device. The Huawei Glory 8 Youth Edition Bdat driver has an integer overflow vulnerability

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201803-1313",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prague-tl00a",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "prague-tl00ac01b211"
      },
      {
        "model": "prague-tl10a",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "prague-tl10ac01b211"
      },
      {
        "model": "prague-al00a",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "prague-al00ac00b211"
      },
      {
        "model": "prague-al00c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "prague-al00cc00b211"
      },
      {
        "model": "prague-al00b",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "prague-al00bc00b211"
      },
      {
        "model": "prague-al00a",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "prague-al00b",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "prague-al00c",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "prague-tl00a",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "prague-tl10a",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "glory youth edition \u003c=prague-al00ac00b211",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "glory youth version \u003c=prague-al00bc00b211",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "glory youth edition \u003c=prague-al00cc00b211",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "glory youth edition \u003c=prague-tl00ac01b211",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      },
      {
        "model": "glory youth edition \u003c=prague-tl10ac01b211",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "8"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:huawei:prague-al00a_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:prague-al00b_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:prague-al00c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:prague-tl00a_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:prague-tl10a_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      }
    ]
  },
  "cve": "CVE-2017-15325",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-15325",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2018-06067",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2017-15325",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-15325",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-15325",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-06067",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201803-907",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-15325",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-15325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. Huawei Smart Phone Software contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei Glory 8 Youth Edition is a smart phone device. The Huawei Glory 8 Youth Edition Bdat driver has an integer overflow vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-15325"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-15325",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-15325",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-15325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "id": "VAR-201803-1313",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:12:38.979000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20180321-01-smartphone",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
      },
      {
        "title": "Huawei glory 8Bdat driver patch for integer overflow vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/122889"
      },
      {
        "title": "Huawei glory 8 Youth version Bdat Fixes for driver digital error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79404"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-190",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180321-01-smartphone-en"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-15325"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-15325"
      },
      {
        "trust": 0.6,
        "url": "http://www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180321-01-smartphone-cn"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/190.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-15325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-15325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "date": "2018-03-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-15325"
      },
      {
        "date": "2018-05-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "date": "2018-03-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      },
      {
        "date": "2018-03-23T16:29:00.130000",
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-06067"
      },
      {
        "date": "2018-04-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-15325"
      },
      {
        "date": "2018-05-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      },
      {
        "date": "2018-04-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      },
      {
        "date": "2024-11-21T03:14:28.067000",
        "db": "NVD",
        "id": "CVE-2017-15325"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei Smart Phone Software integer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-013017"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-907"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-15325 (GCVE-0-2017-15325)

GHSA-JJGP-JXFQ-2W96

FKIE_CVE-2017-15325

GSD-2017-15325

CNVD-2018-06067

VAR-201803-1313

Tags

Sightings

Nomenclature