CVE-2020-12485
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
The frame touch module does not make validity judgments on parameter lengths when processing specific parameters,which caused out of the boundary when memory access.The vulnerability eventually leads to a local DOS on the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| vivo | The frame touch module | unspecified < PD2012_1.4.0 | affected |
| vivo | The frame touch module | unspecified < PD1965EF_EX_EU_4.4.0 | affected |
| vivo | The frame touch module | unspecified < PD2001F_EX_1.6.0 | affected |
| vivo | The frame touch module | unspecified < PD1968F_EX_1.10.1 | affected |
| vivo | The frame touch module | unspecified < PD1962_1.7.6 | affected |
| vivo | The frame touch module | unspecified < PD1981_1.5.0 | affected |
| vivo | The frame touch module | unspecified < PD2006F_EX_1.6.2 | affected |
Weaknesses
- CWE-125: CWE-125 Out-of-bounds Read
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.