[Japanese]
|
JVNDB-2017-000232
|
Wi-Fi STATION L-02F vulnerable to buffer overflow
|
Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. contains a buffer overflow vulnerability.
Daisuke Makita and Hayato Ushimaru of National Institute of Information and Communications Technology, Jumpei Shimamura of clwit, Inc. and Katsunari Yoshioka of Yokohama National University reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
CVSS V3 Severity: Base Metrics 9.8 (Critical) [IPA Score]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
CVSS V2 Severity: Base Metrics 10.0 (High) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: Complete
- Integrity Impact: Complete
- Availability Impact: Complete
|
|
NTT DOCOMO, INC.
- Wi-Fi STATION L-02F Software version L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and earlier
|
|
Receiving crafted packets sent by a remote attacker may cause a buffer overflow condition. As a result, the attacker may execute arbitrary code with the root previlege.
|
[Apply an Update]
Apply the update according to the information provided by the provider.
|
NTT DOCOMO, INC.
|
- Buffer Errors(CWE-119) [IPA Evaluation]
|
- CVE-2017-10871
|
- JVN : JVN#23367475
- National Vulnerability Database (NVD) : CVE-2017-10871
- IPA SECURITY ALERTS : Security Alert for Vulnerability in Wi-Fi STATION L-02F (JVN#23367475) (in Japanese)
|
- [2017/11/06]
Web page was published
- [2018/03/07]
References : Content was added
|