Vulnerability Description
Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | 2.3.7 | |
| Motorola | Defy Xt | - |
Related Weaknesses (CWE)
References
- http://twitter.com/djrbliss/statuses/382632926946402304
- https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J
- http://twitter.com/djrbliss/statuses/382632926946402304
- https://plus.google.com/110348415484169880343/posts/5ofgPNrSu3J
FAQ
What is CVE-2013-5933?
CVE-2013-5933 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or ca...
How severe is CVE-2013-5933?
CVE-2013-5933 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5933?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android, Motorola Defy Xt.