CVE-2014-0997
Severity CVSS v4.0:
Pending analysis
Type:
CWE-19
Data Handling
Publication date:
26/09/2017
Last modified:
20/04/2025
Description
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:* | ||
| cpe:2.3:h:google:nexus_4:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:google:nexus_5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:d806:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:samsung:sm-t310:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:* | ||
| cpe:2.3:h:motorola:razr_hd:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/130107/Android-WiFi-Direct-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2015/Jan/104
- http://www.securityfocus.com/archive/1/534544/100/0/threaded
- http://www.securityfocus.com/bid/72311
- https://www.coresecurity.com/advisories/android-wifi-direct-denial-service
- https://www.exploit-db.com/exploits/35913/
- http://packetstormsecurity.com/files/130107/Android-WiFi-Direct-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2015/Jan/104
- http://www.securityfocus.com/archive/1/534544/100/0/threaded
- http://www.securityfocus.com/bid/72311
- https://www.coresecurity.com/advisories/android-wifi-direct-denial-service
- https://www.exploit-db.com/exploits/35913/