CVE-2016-9279

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2016/11/11/11", "name": "[oss-security] 20161111 Re: CVE Request - Samsung Exynos fimg2d Multiple Issues", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2016/11/09/3", "name": "[oss-security] 20161109 CVE Request - Samsung Exynos fimg2d Multiple Issues", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016", "name": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/94283", "name": "94283", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-416"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2016-9279", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2017-01-18T17:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:samsung:exynos_fimg2d_driver:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-04-25T01:59Z"}