| |
Vulnerability CVE-2014-7913
Published: 2015-07-29 Modified: 2015-07-30
| Description: |
The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted message. |
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.8/10 |
6.4/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://www.securitytracker.com/id/1033124
https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
