Lucene search
K

9 matches found

Hacker One
Hacker One
added 2020/07/14 2:28 p.m.15 views

Nintendo: [3DS][StreetPass] Heap Overflow in Swapnote parser leads to userland StreetPass RCE

Affected Systems - System: Nintendo 3DS - Version: = 11.13 - Region: ALL Description When parsing TLRF chunks in message files the application calls memcpy using user provided sizes to copy controlled data over a fixed-size buffer. Thus one can overflow heap chunks which is enough to get code...

2.6AI score
Exploits0
Hacker One
Hacker One
added 2020/06/13 4:19 p.m.34 views

Nintendo: [3DS][SSL][SDK] Unchecked number of audio channels in Mobiclip SDK leads to RCE in eShop movie player

Affected Systems - Platform: New Nintendo 3DS - Region: ALL - System version: 11.13 latest at the time of writing Description The Mobiclip SDK used for parsing moflex videos does not check the number of audio channels in an audio stream. This leads to a miscalculation of free space remaining in a...

0.7AI score
Exploits0
Hacker One
Hacker One
added 2020/06/11 2:27 a.m.15 views

Nintendo: [3DS][SSL] Use of uninitialized class member leads to RCE in eShop movie player

Affected Systems - Platform : New Nintendo 3DS - Region: ALL - System version: 11.13 latest at the time of writing Description The eShop video player does not initialize pointers to some decoder objects when creating a video player object. With a specific audio codec this induces the use of...

0.7AI score
Exploits0
Hacker One
Hacker One
added 2020/06/09 10:45 p.m.14 views

Nintendo: [3DS][SSL] Improper certificate validation allows an attacker to perform MitM attacks

Affected Systems - Platform: New Nintendo 3DS - Region: ALL - System version: = 11.13 Description The SSL system module does not properly validate the x509 certificates when establishing an SSL/TLS connection. Actually, the SSL system module does not check the signatures when validating a...

1.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/04/24 1:55 p.m.60 views

Nintendo Confirms Breach of 160,000 Accounts

Nintendo said over 160,000 accounts have been hacked, due to attackers abusing a legacy login system. Over the past few weeks, Nintendo gamers have been reporting suspicious activities on their accounts. According to the complaints, aired out on Twitter and Reddit, unauthorized actors were loggin...

0.6AI score
Exploits0References13
Hacker One
Hacker One
added 2019/09/04 3:50 p.m.23 views

Nintendo: [3DS][StreetPass] Buffer Overflow in Super Mario Maker level decompression

-- Information - Platform: New Nintendo 3DS - Region: EU all regions are affected - System version: less or equal to 11.10 latest Description Since the bootroms have been dumped, it is now possible for an attacker to decrypt streetpass communications. Super Mario Maker is vulnerable to a buffer...

1.8AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/13 12:0 a.m.37 views

Nintendo 3DS DNS Client Resolver Predictable TXID

Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID I bought a New Nintendo 3DS XL US with firmware 11.2.0-35U, and I've noticed that that DNS client resolved on the 3DS uses a simple incrementing TXID for lookups. This does not provide enough entropy to prevent remote attackers from...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2017/04/13 12:0 a.m.16 views

Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID

I bought a New Nintendo 3DS XL US with firmware 11.2.0-35U, and I've noticed that that DNS client resolved on the 3DS uses a simple incrementing TXID for lookups. This does not provide enough entropy to prevent remote attackers from spoofing responses. For example, see MS08-020 when this happened...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2011/02/27 3:28 a.m.7 views

Nintendo 3DS also got Hacked Within 24 Hours after Release !

The new Nintendo 3DS didn't last 24 hours in Japan before hackers jailbroke the device to support Revolution For DS R4 flash cards that play old Nintendo games. Although R4 cards were built for Nintendo DS, the hackers show how they can use the storage cards to run homebrew and older Nintendo gam...

6.7AI score
Exploits0
Rows per page
Query Builder