2 matches found
Integer overflow
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of servic...
CVE-2019-5037
CVE-2019-5037 affects Nest Cam IQ Indoor (4620002) WeaveCASEEngine::DecodeCertificateInfo. The issue is an integer overflow in the Weave certificate processing that allows an attacker to set CertInfoLength to 0xFFFF, causing the TLVReader to advance beyond the packet into unmapped memory and cras...