CVE-2018-9480

MEDIUM Year: 2018
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In bta_hd_get_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2006-6016

MEDIUM
CVSS:6.5(Medium)

wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.

CWE-1252006

CVE-2011-2501

MEDIUM
CVSS:6.5(Medium)

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (applic...

CWE-1252011

CVE-2012-0259

MEDIUM
CVSS:6.5(Medium)

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolut...

CWE-1252012

CVE-2012-1798

MEDIUM
CVSS:6.5(Medium)

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF i...

CWE-1252012

CVE-2014-8127

MEDIUM
CVSS:6.5(Medium)

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (...

CWE-1252014

CVE-2014-8354

MEDIUM
CVSS:6.5(Medium)

The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

CWE-1252014