CVE-2018-11937 Vulnerability Details
/
/
/
CVE-2018-11937 Metadata Quick Info
CVE Published: 24/05/2019 |
CVE Updated: 05/08/2024 |
CVE Year: 2018
Source: qualcomm |
Vendor: Qualcomm, Inc. |
Product: Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Status : PUBLISHED
CVE-2018-11937 Description
Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150
Metrics
CVSS Version: 3.1 |
Base Score: n/a
Vector: n/a
l➤ Exploitability Metrics:
Attack Vector (AV)*
Attack Complexity (AC)*
Privileges Required (PR)*
User Interaction (UI)*
Scope (S)*
l➤ Impact Metrics:
Confidentiality Impact (C)*
Integrity Impact (I)*
Availability Impact (A)*
Weakness Enumeration (CWE)
CWE-ID:
CWE Name: Buffer Over-read Issue in WLAN
Source: Qualcomm, Inc.
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC-ID:
CAPEC Description:
Source: NVD (National Vulnerability Database).