[Japanese]

JVNDB-2012-000102

Multiple Android devices vulnerable to denial-of-service (DoS)

Overview

Multiple Android devices contains a denial-of-service (DoS) vulnerability.

Multiple Android devices contain an issue when referencing specific system area, which may lead to a denial-of-service (DoS).

Tsukasa Oi of Fourteenforty Research Institue, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Complete
Affected Products


(Multiple Venders)
  • (Multiple Products) A wide range of products are affected.

For more information, refer to the information provided by the developer or distributor.
Impact

The device may crash as a result of accessing a specific file.
Solution

[Update the software]
Update to the latest version according to the information provided by the developer or distributor.
Vendor Information

KDDI SoftBank NTT DOCOMO, INC.
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

  1. JVN : JVN#74829345
Revision History

  • [2012/11/14]
      Web page was published
    [2012/11/30]
      Vendor Information : Contents were added

Date Public2012/11/14
Date First Published2012/11/14
Date Last Updated2012/11/30