CVE-2018-3912

HIGH Year: 2018
CVSS v3 Score
7.5
High
CVSS v2 Score
6.9
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.

Related Vulnerabilities

CVE-2006-20001

HIGH
CVSS:7.5(High)

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. Th...

CWE-7872006

CVE-2015-8619

HIGH
CVSS:7.5(High)

The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).

CWE-7872015

CVE-2015-9542

HIGH
CVSS:7.5(High)

add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could s...

CWE-7872015

CVE-2016-0189

HIGH
CVSS:7.5(High)

The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of ...

CWE-7872016

CVE-2016-10196

HIGH
CVSS:7.5(High)

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involvin...

CWE-7872016