var-201704-0494
Vulnerability from variot
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 The video driver for smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. Huawei P9 versions prior to EVA-AL10C00B192 are vulnerable. Honor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. video driver is one of the video drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and send specific parameters to the video driver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0494",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "p9 plus",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": null
},
{
"model": "honor 6",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 plus",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9",
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "p9 \u003ceva-al10c00b192",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "p9 eva-al10c00b190",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9.16"
},
{
"model": "honor",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "66.9"
},
{
"model": "p9 eva-al10c00b192",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "honor h60-l02 6.10.1",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:honor6_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:p9_plus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:p9_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhao Jianqiang from Lab 0x031E of Qihoo 360 Technology Co. Ltd.",
"sources": [
{
"db": "BID",
"id": "93530"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8759",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-8759",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2016-09936",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-97579",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2016-8759",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8759",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-8759",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-09936",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-662",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-97579",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. Huawei P9 , P9 Plus ,and Honor 6 The video driver for smartphone software contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. HuaweiSmartPhones is a smart phone from China Huawei. A number of Huawei smartphone drivers have a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on an affected device. Multiple Huawei Smart Phones drivers are prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions. \nHuawei P9 versions prior to EVA-AL10C00B192 are vulnerable. \nHonor 6 versions prior to H60-L02_6.10.1 are vulnerable. Huawei Smart Phones P9 is a smartphone from the Chinese company Huawei. video driver is one of the video drivers. Attackers can exploit this vulnerability to crash the system or elevate privileges by enticing users to install malicious applications and send specific parameters to the video driver",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8759"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "VULHUB",
"id": "VHN-97579"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8759",
"trust": 3.4
},
{
"db": "BID",
"id": "93530",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-09936",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-97579",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"id": "VAR-201704-0494",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
}
],
"trust": 1.28881818
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
}
]
},
"last_update_date": "2024-11-23T21:54:09.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20161012-01-smartphone",
"trust": 0.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"title": "Patches for multiple Huawei smartphone driver heap buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/82926"
},
{
"title": "Huawei Smart Phones P9 video Driver fix for stack-based buffer overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65043"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/93530"
},
{
"trust": 2.0,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161012-01-smartphone-en"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8759"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8759"
},
{
"trust": 0.3,
"url": "http://www.huawei.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"db": "VULHUB",
"id": "VHN-97579"
},
{
"db": "BID",
"id": "93530"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-97579"
},
{
"date": "2016-10-12T00:00:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"date": "2016-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"date": "2017-04-02T20:59:01.173000",
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09936"
},
{
"date": "2017-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-97579"
},
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "93530"
},
{
"date": "2017-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008233"
},
{
"date": "2016-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-662"
},
{
"date": "2024-11-21T03:00:00.440000",
"db": "NVD",
"id": "CVE-2016-8759"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Buffer error vulnerability in video driver for smartphone software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008233"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-662"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.