Description

In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Remediation

References

CVE-2018-9481

Related Vulnerabilities

Oracle Application Server Other Vulnerability (CVE-2002-1631)

Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8155)

Oracle JRE CVE-2024-20952 Vulnerability (CVE-2024-20952)

WordPress Plugin WP SMS Cross-Site Scripting (5.4.9)

WordPress Plugin Affiliates Multiple Cross-Site Scripting Vulnerabilities (2.13.1)

Severity

Medium

Classification

CVE-2018-9481 CWE-190 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities