CVE-2018-10751
Last modified
CVE-2018-10751 is a vulnerability of currently unknown severity. A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. EPSS estimates a 8.75% chance of exploitation in the next 30 days.
Description
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Samsung Mobile | 6.0 |
| Samsung | Samsung Mobile | 7.0 |
| Samsung | Samsung Mobile | 7.1 |
| Samsung | Samsung Mobile | 7.1.1 |
| Samsung | Samsung Mobile | 7.1.2 |
References
- http://packetstormsecurity.com/files/147841/Samsung-Galaxy-S7-Edge-OMACP-WbXml-String-Extension-Processing-Overflow.htmlThird Party Advisory, VDB Entry
- https://security.samsungmobile.com/securityUpdate.smsbThird Party Advisory
- https://www.exploit-db.com/exploits/44724/Exploit, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/147841/Samsung-Galaxy-S7-Edge-OMACP-WbXml-String-Extension-Processing-Overflow.htmlThird Party Advisory, VDB Entry
- https://security.samsungmobile.com/securityUpdate.smsbThird Party Advisory
- https://www.exploit-db.com/exploits/44724/Exploit, Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-10751?
How severe is CVE-2018-10751?
How do I fix CVE-2018-10751?
Are you affected by CVE-2018-10751?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST