Lucene search
JΓΌri AedlaZDI-15-093HistoryMar 12, 2015 - 12:00 a.m.
(Mobile Pwn2Own) Google Android DHCP Parsing Remote Code Execution Vulnerability
2015-03-1200:00:00
JΓΌri Aedla
www.zerodayinitiative.com
34
0.012 Low
EPSS
Percentile
85.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Android. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the DHCP options in a DHCP ACK packet. The vulnerability is triggered when the LENGTH of an option, when added to the current read position, exceeds the actual length of the DHCP options buffer. An attacker can leverage this vulnerability to execute code on the device.
Related
ubuntucve
ubuntucve
CVE-2014-7912
2015-07-30 00:00:00
debiancve
debiancve
CVE-2014-7912
2015-07-30 00:59:00
cve
cve
CVE-2014-7912
2015-07-30 00:59:00
nessus
nessus
FreeBSD : dhcpcd -- remote code execution/denial of service (092156c9-04d7-11e6-b1ce-002590263bf5)
2016-04-18 00:00:00
Debian DLA-506-1 : dhcpcd5 security update
2016-06-07 00:00:00
Google Android Operating System < 4.4.0 Multiple Vulnerabilities
2015-04-10 00:00:00
prion
prion
Memory corruption
2015-07-30 00:59:00
freebsd
freebsd
dhcpcd -- remote code execution/denial of service
2015-06-19 00:00:00
cvelist
cvelist
CVE-2014-7912
2015-07-30 00:00:00
nvd
nvd
CVE-2014-7912
2015-07-30 00:59:00
openvas
openvas
Debian: Security Advisory (DLA-506-1)
2023-03-08 00:00:00
android
android
dhcpd buffer overrun
2015-03-12 00:00:00
debian
debian
[SECURITY] [DLA 506-1] dhcpcd5 security update
2016-06-06 21:38:06
osv
osv
dhcpcd5 - security update
2016-06-06 00:00:00