CVE-2014-7252 - OpenCVE

Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Disney Interactive	Disney Mobile
Fujitsu	Arrows Tab Lte F-01d Arrows X Lte F-05d F-08d Regza Phone T-01d
Lg	Prada Phone L-02d
Sharp	Softbank 102sh

Configuration 1 [-]

AND

cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*

cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://jvn.jp/en/jp/JVN67792023/397327/index.html
http://jvn.jp/en/jp/JVN67792023/995312/index.html
http://jvn.jp/en/jp/JVN67792023/index.html
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2014-12-05T17:00:00

Updated: 2024-08-06T12:40:19.271Z

Reserved: 2014-09-30T00:00:00

Link: CVE-2014-7252

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-12-05T17:59:01.087

Modified: 2014-12-08T13:55:38.113

Link: CVE-2014-7252

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-02T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-12-05T16:57:00", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVNDB-2014-000137", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"}, {"name": "JVN#67792023", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN67792023/index.html"}, {"tags": ["x_refsource_MISC"], "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"}, {"tags": ["x_refsource_MISC"], "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2014-7252", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVNDB-2014-000137", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"}, {"name": "JVN#67792023", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN67792023/index.html"}, {"name": "http://jvn.jp/en/jp/JVN67792023/397327/index.html", "refsource": "MISC", "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"}, {"name": "http://jvn.jp/en/jp/JVN67792023/995312/index.html", "refsource": "MISC", "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:40:19.271Z"}, "title": "CVE Program Container", "references": [{"name": "JVNDB-2014-000137", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"}, {"name": "JVN#67792023", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN67792023/index.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2014-7252", "datePublished": "2014-12-05T17:00:00", "dateReserved": "2014-09-30T00:00:00", "dateUpdated": "2024-08-06T12:40:19.271Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:disney_interactive:disney_mobile:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1F11E96-DE4B-43BD-9353-5CC58CFBF908", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:f-08d:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E0F58C3-BE28-44BB-9444-21FED4290BCE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:arrows_tab_lte_f-01d:*:*:*:*:*:*:*:*", "matchCriteriaId": "245D71AD-5D0D-43D7-9CD2-B7BE7ACADDF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:sharp:softbank_102sh:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0CA34F5-20E7-4663-9A19-D67555E50386", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:regza_phone_t-01d:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC3CE189-7E5D-49B0-834D-610909C00FAE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:arrows_x_lte_f-05d:-:*:*:*:*:*:*:*", "matchCriteriaId": "E423E510-BFE4-4BE2-A04F-2E22AFA93728", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lg:prada_phone_l-02d:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D935E00-B10E-4F08-B4A7-5B7462621299", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and \"improper data validation.\""}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en el controlador Syslink para el procesador m\u00f3vil de Texas Instruments OMAP, utilizado en NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, y PRADA phone por LG L-02D; y los tel\u00e9fonos SoftBank SHARP 102SH permiten a usuarios locales ejecutar c\u00f3digo arbitrario o leer la memoria del kernel a trav\u00e9s de vectores desconocidos relacionados con los datos userland y 'la validaci\u00f3n de datos incorrecta.'"}], "id": "CVE-2014-7252", "lastModified": "2014-12-08T13:55:38.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-05T17:59:01.087", "references": [{"source": "vultures@jpcert.or.jp", "url": "http://jvn.jp/en/jp/JVN67792023/397327/index.html"}, {"source": "vultures@jpcert.or.jp", "url": "http://jvn.jp/en/jp/JVN67792023/995312/index.html"}, {"source": "vultures@jpcert.or.jp", "url": "http://jvn.jp/en/jp/JVN67792023/index.html"}, {"source": "vultures@jpcert.or.jp", "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000137.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}