Vulnerability Details : CVE-2014-7252
Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation."
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2014-7252
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-7252
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2014-7252
-
http://jvn.jp/en/jp/JVN67792023/index.html
JVN#67792023: Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors
-
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html
JVNDB-2014-000137 - JVN iPedia - 脆弱性対策情報データベース
-
http://jvn.jp/en/jp/JVN67792023/995312/index.html
Japan Vulnerability Notes/Information from NTT DOCOMO, INC.
-
http://jvn.jp/en/jp/JVN67792023/397327/index.html
Japan Vulnerability Notes/Information from SoftBank
Products affected by CVE-2014-7252
- cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*
- cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*
- cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*
- cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*
- cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*
- cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*