Sign-up

ID

VAR-201307-0261


CVE

CVE-2013-3655


TITLE

Sharp AQUOS PhotoPlayer HN-PP150 Remote Denial of Service Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2013-09690 // BID: 61137

DESCRIPTION

The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 allows remote attackers to cause a denial of service (networking outage) via crafted packet data. AQUOS PhotoPlayer HN-PP150 contains an issue in the processing of packets, which may lead to a denial-of-service (DoS). Ayako Matsuda of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Network functions may be disabled by a remote attacker. Sharp AQUOS PhotoPlayer HN-PP150 is a picture printing and playback device. A remote attacker could exploit this vulnerability to crash an application and deny service to legitimate users. Sharp AQUOS PhotoPlayer HN-PP150 running firmware 1.03.01.04 and earlier are vulnerable. Sharp AQUOS PhotoPlayer HN-PP150 is a photo player product of Sharp Corporation of Japan. This product provides slideshow presentation, photo printing and other functions

Trust: 2.52

sources: NVD: CVE-2013-3655 // JVNDB: JVNDB-2013-000068 // CNVD: CNVD-2013-09690 // BID: 61137 // VULHUB: VHN-63657

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-09690

AFFECTED PRODUCTS

vendor:sharpmodel:aquos hn-pp150scope:lteversion:1.04.00

Trust: 1.0

vendor:sharpmodel:aquos hn-pp150scope:eqversion: -

Trust: 1.0

vendor:sharpmodel:aquos photoplayer hn-pp150scope:eqversion:1.03.01.04

Trust: 0.9

vendor:sharpmodel:aquos hn-pp150scope:lteversion:v 1.03.01.04

Trust: 0.8

vendor:sharpmodel:aquos photo player hn-pp150scope: - version: -

Trust: 0.8

vendor:sharpmodel:aquos hn-pp150scope:eqversion:1.04.00

Trust: 0.6

sources: CNVD: CNVD-2013-09690 // BID: 61137 // JVNDB: JVNDB-2013-000068 // CNNVD: CNNVD-201307-238 // NVD: CVE-2013-3655

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3655
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2013-000068
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-09690
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201307-238
value: MEDIUM

Trust: 0.6

VULHUB: VHN-63657
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-3655
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2013-000068
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2013-09690
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-63657
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-09690 // VULHUB: VHN-63657 // JVNDB: JVNDB-2013-000068 // CNNVD: CNNVD-201307-238 // NVD: CVE-2013-3655

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-3655

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-238

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 61137

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-000068

PATCH
title:About the firmware update of HN-PP150url:http://www.sharp.co.jp/support/photoplayer/fw_update.html
Trust: 0.8
title:AQUOS PhotoPlayerurl:http://www.sharp.co.jp/support/photoplayer/index.html
Trust: 0.8
title:Sharp AQUOS PhotoPlayer HN-PP150 Remote Denial of Service Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/35172
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-09690 // 
            
            
            
            JVNDB: JVNDB-2013-000068

EXTERNAL IDS
db:NVDid:CVE-2013-3655
Trust: 3.4
db:JVNid:JVN68773685
Trust: 2.8
db:JVNDBid:JVNDB-2013-000068
Trust: 2.8
db:BIDid:61137
Trust: 1.0
db:CNNVDid:CNNVD-201307-238
Trust: 0.7
db:CNVDid:CNVD-2013-09690
Trust: 0.6
db:JVNid:JVN#68773685
Trust: 0.6
db:VULHUBid:VHN-63657
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-09690 // 
            
            
            
            VULHUB: VHN-63657 // 
            
            
            
            BID: 61137 // 
            
            
            
            JVNDB: JVNDB-2013-000068 // 
            
            
            
            CNNVD: CNNVD-201307-238 // 
            
            
            
            NVD: CVE-2013-3655

REFERENCES
url:http://jvn.jp/en/jp/jvn68773685/index.html
Trust: 2.5
url:http://www.sharp.co.jp/support/photoplayer/fw_update.html
Trust: 2.0
url:http://jvndb.jvn.jp/jvndb/jvndb-2013-000068
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3655
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3655
Trust: 0.8
url:http://www.securityfocus.com/bid/61137
Trust: 0.6
url:http://www.jvn.jp/en/jp/jvn68773685/index.html
Trust: 0.3
url:http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000068.html
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2013-09690 // 
            
            
            
            VULHUB: VHN-63657 // 
            
            
            
            BID: 61137 // 
            
            
            
            JVNDB: JVNDB-2013-000068 // 
            
            
            
            CNNVD: CNNVD-201307-238 // 
            
            
            
            NVD: CVE-2013-3655

CREDITS
Ayako Matsuda of FFRI Inc
Trust: 0.3
sources:
            
            
            BID: 61137

SOURCES
db:CNVDid:CNVD-2013-09690
db:VULHUBid:VHN-63657
db:BIDid:61137
db:JVNDBid:JVNDB-2013-000068
db:CNNVDid:CNNVD-201307-238
db:NVDid:CVE-2013-3655

LAST UPDATE DATE
2025-04-11T23:10:40.247000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-09690date:2013-07-25T00:00:00
db:VULHUBid:VHN-63657date:2013-07-15T00:00:00
db:BIDid:61137date:2013-07-11T00:00:00
db:JVNDBid:JVNDB-2013-000068date:2013-07-16T00:00:00
db:CNNVDid:CNNVD-201307-238date:2013-07-15T00:00:00
db:NVDid:CVE-2013-3655date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CNVDid:CNVD-2013-09690date:2013-07-17T00:00:00
db:VULHUBid:VHN-63657date:2013-07-12T00:00:00
db:BIDid:61137date:2013-07-11T00:00:00
db:JVNDBid:JVNDB-2013-000068date:2013-07-11T00:00:00
db:CNNVDid:CNNVD-201307-238date:2013-07-15T00:00:00
db:NVDid:CVE-2013-3655date:2013-07-12T16:56:12.360