CVE-2019-9288

MEDIUM Year: 2019
CVSS v3 Score
6.8
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

In libhidcommand_jni, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the USB service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android ID: A-111363077

Related Vulnerabilities

CVE-2017-18697

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18698

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18699

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18759

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

CWE-7872017

CVE-2017-18761

MEDIUM
CVSS:6.8(Medium)

NETGEAR R8000 devices before 1.0.4.2 are affected by a stack-based buffer overflow by an authenticated user.

CWE-7872017

CVE-2017-18865

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

CWE-7872017