2 matches found
CVE-2017-15862
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wmaunifiedlinkradiostatseventhandler, the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow...
iTunes remote memory corruption vulnerability
Hi, iTunes for both macosx and win is prone to a remote memory corruption vulnerability when parsing xml. iTunes will parse xml when it contacts a touning server which will return the list of radio channels in that format. To trigger this bug is sufficent to send to iTunes an xml file containing...