CVE-2016-6691

Опубликовано: 10 окт. 2016

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has a malformed SSID with GBK encoding, aka Qualcomm internal bug CR 978452.

Ссылки

http://source.android.com/security/bulletin/2016-10-01.html
Vendor Advisory
http://www.securityfocus.com/bid/93330
Third Party Advisory
VDB Entry
https://source.codeaurora.org/quic/la//platform/frameworks/opt/net/wifi/commit/?id=343f123c396b2a97fc7cce396cd5d99365cb9131
Issue Tracking
Patch
http://source.android.com/security/bulletin/2016-10-01.html
Vendor Advisory
http://www.securityfocus.com/bid/93330
Third Party Advisory
VDB Entry
https://source.codeaurora.org/quic/la//platform/frameworks/opt/net/wifi/commit/?id=343f123c396b2a97fc7cce396cd5d99365cb9131
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Версия до 7.0 (включая)

EPSS

Процентиль: 67%

0.00551

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-172

Связанные уязвимости

GHSA-2fmc-hw9p-wg9h