Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2018-9139

Published: 30/03/2018 Updated: 19/04/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Samsung Mobile

Vulnerability Summary

On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

Vulnerable Product Search on Vulmon Subscribe to Product

samsung samsung mobile 7.1

samsung samsung mobile 7.1.2

samsung samsung mobile 7.0

samsung samsung mobile 7.1.1

Github Repositories

https://github.com/flankerhqd/bindump4j

A portable utility to locate android binder service

What's Bindump4j for Vendor binder services proved to be an interesting part of android devices nature They usually remains close-source, but sometimes open attack surface for privilege escalation Namely examples like SVE-2016-7114 (By @laginimaineb), CVE-2018-9143 and CVE-2018-9139 (By @flanker_hqd) and so on, which are all memory corruption vulnerabilities Locating in

References

CWE-119https://security.samsungmobile.com/securityUpdate.smsbhttps://nvd.nist.govhttps://github.com/flankerhqd/bindump4j
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook