Vulnerability Details : CVE-2018-10751
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.
Vulnerability category: OverflowMemory Corruption
Products affected by CVE-2018-10751
- cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-10751
0.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-10751
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.4
|
MEDIUM | AV:N/AC:H/Au:N/C:N/I:N/A:C |
4.9
|
6.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.6
|
3.6
|
NIST |
CWE ids for CVE-2018-10751
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-10751
-
https://security.samsungmobile.com/securityUpdate.smsb
Android Security Updates Details | Samsung Mobile SecurityThird Party Advisory
-
https://www.exploit-db.com/exploits/44724/
Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension ProcessingExploit;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/147841/Samsung-Galaxy-S7-Edge-OMACP-WbXml-String-Extension-Processing-Overflow.html
Samsung Galaxy S7 Edge OMACP WbXml String Extension Processing Overflow ≈ Packet StormThird Party Advisory;VDB Entry
Jump to