10

CVE-2015-9115

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_prng_getdata syscall.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommMdm9625 Firmware Version-
   QualcommMdm9625 Version-
QualcommSd 410 Firmware Version-
   QualcommSd 410 Version-
QualcommSd 412 Firmware Version-
   QualcommSd 412 Version-
QualcommSd 425 Firmware Version-
   QualcommSd 425 Version-
QualcommSd 430 Firmware Version-
   QualcommSd 430 Version-
QualcommSd 450 Firmware Version-
   QualcommSd 450 Version-
QualcommSd 615 Firmware Version-
   QualcommSd 615 Version-
QualcommSd 616 Firmware Version-
   QualcommSd 616 Version-
QualcommSd 415 Firmware Version-
   QualcommSd 415 Version-
QualcommSd 617 Firmware Version-
   QualcommSd 617 Version-
QualcommSd 625 Firmware Version-
   QualcommSd 625 Version-
QualcommSd 650 Firmware Version-
   QualcommSd 650 Version-
QualcommSd 652 Firmware Version-
   QualcommSd 652 Version-
QualcommSd 820 Firmware Version-
   QualcommSd 820 Version-
QualcommSd 820a Firmware Version-
   QualcommSd 820a Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.3% 0.527
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/103671
Third Party Advisory
VDB Entry