Vulnerability Details CVE-2014-0997
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.173
EPSS Ranking 94.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://packetstormsecurity.com/files/130107/Android-WiFi-Direct-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2015/Jan/104
- http://www.securityfocus.com/archive/1/534544/100/0/threaded
- http://www.securityfocus.com/bid/72311
- https://www.coresecurity.com/advisories/android-wifi-direct-denial-service
- https://www.exploit-db.com/exploits/35913/
- http://packetstormsecurity.com/files/130107/Android-WiFi-Direct-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2015/Jan/104
- http://www.securityfocus.com/archive/1/534544/100/0/threaded
- http://www.securityfocus.com/bid/72311
- https://www.coresecurity.com/advisories/android-wifi-direct-denial-service
- https://www.exploit-db.com/exploits/35913/
Products affected by CVE-2014-0997
-
cpe:2.3:h:google:nexus_4:-
-
cpe:2.3:h:google:nexus_5:-
-
cpe:2.3:h:lg:d806:-
-
cpe:2.3:h:motorola:razr_hd:-
-
cpe:2.3:h:samsung:sm-t310:-
-
cpe:2.3:o:google:android:4.1.2
-
cpe:2.3:o:google:android:4.2.2
-
cpe:2.3:o:google:android:4.4.4