Vulnerabilities > CVE-2019-7386
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| OS | 1 | |
| Hardware | 1 |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/151651/KSA-DEV-007.txt |
| id | PACKETSTORM:151651 |
| last seen | 2019-02-14 |
| published | 2019-02-13 |
| reporter | Kaustubh G. Padwad |
| source | https://packetstormsecurity.com/files/151651/Nokia-8810-Denial-Of-Service.html |
| title | Nokia 8810 Denial Of Service |
References
- http://packetstormsecurity.com/files/151651/Nokia-8810-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2019/Feb/35
- http://www.breakthesec.com
- http://www.breakthesec.com/search/label/0day
- https://s3curityb3ast.github.io
- https://s3curityb3ast.github.io/KSA-Dev-007.md
- http://packetstormsecurity.com/files/151651/Nokia-8810-Denial-Of-Service.html
- https://s3curityb3ast.github.io/KSA-Dev-007.md
- https://s3curityb3ast.github.io
- http://www.breakthesec.com/search/label/0day
- http://www.breakthesec.com
- http://seclists.org/fulldisclosure/2019/Feb/35