Details of VAR-201609-0063

ID

VAR-201609-0063

CVE

CVE-2016-6184

TITLE

Huawei Honor 4C Smartphone software Camera Service disruption in drivers (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-004559

DESCRIPTION

The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6182, and CVE-2016-6183. This vulnerability CVE-2016-6180 , CVE-2016-6181 , CVE-2016-6182 ,and CVE-2016-6183 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlDenial of service operations through a specially crafted application by an attacker ( System crash ) It may be put into a state or it may be authorized. HuaweiHonor4C (Huawei Glory 4C) is a smartphone product from China's Huawei company. The HuaweiHonor4C driver has an input validation vulnerability. An attacker can induce a user to install a malicious application and use the vulnerability to pass specific parameters to the Camera driver, causing a system reboot or user privilege escalation. Huawei Honor 4C is prone to multiple unspecified security vulnerabilities Limited information is currently available regarding these issues. We will update this BID as more information emerges. The following versions are vulnerable: Huawei Honor 4C CHM-UL00C00B535 through CHM-UL00C00B556 Huawei Honor 4C CHM-TL00C01 B535 through CHM-TL00C01B556 Huawei Honor 4C CHM-TL00HC00 B535 through CHM-TL00HC00B556

Trust: 2.52

sources: NVD: CVE-2016-6184 // JVNDB: JVNDB-2016-004559 // CNVD: CNVD-2016-05173 // BID: 91807 // VULHUB: VHN-95004

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-05173

AFFECTED PRODUCTS

vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-tl00hc00b556	Trust: 1.6
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-ul00c00b556	Trust: 1.6
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-tl00c01_b535	Trust: 1.6
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-tl00hc00_b535	Trust: 1.6
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-ul00c00b535	Trust: 1.6
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-tl00c01b556	Trust: 1.6
vendor:	huawei	model:	honor 4c	scope:	lt	version:	chm-ul00c00	Trust: 0.8
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-tl00hc00b564	Trust: 0.8
vendor:	huawei	model:	honor 4c	scope:	lt	version:	chm-tl00c00	Trust: 0.8
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-ul00c00b564	Trust: 0.8
vendor:	huawei	model:	honor 4c	scope:	lt	version:	chm-tl00c01	Trust: 0.8
vendor:	huawei	model:	honor 4c	scope:	eq	version:	chm-tl00c01b564	Trust: 0.8
vendor:	huawei	model:	honor 4c	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	honor 4c >chm-ul00c00b535,<chm-ul00c00b556	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	honor 4c >chm-tl00c01 b535,<chm-tl00c01b556	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	honor 4c >chm-tl00hc00 b535,<chm-tl00hc00b556	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	honor 4c chm-ul00c00b556	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-ul00c00b535	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-tl00hc00b556	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-tl00hc00 b535	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-tl00c01b556	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-tl00c01 b535	scope:	-	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-ul00c00b564	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-tl00hc00b564	scope:	ne	version:	-	Trust: 0.3
vendor:	huawei	model:	honor 4c chm-tl00c01b564	scope:	ne	version:	-	Trust: 0.3

sources: CNVD: CNVD-2016-05173 // BID: 91807 // JVNDB: JVNDB-2016-004559 // NVD: CVE-2016-6184 // CNNVD: CNNVD-201607-496

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-6184
value:	HIGH
Trust: 1.8
CNVD:	CNVD-2016-05173
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201607-496
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95004
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	TRUE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-6184
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-05173
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95004
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2016-6184
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2016-05173 // VULHUB: VHN-95004 // JVNDB: JVNDB-2016-004559 // NVD: CVE-2016-6184 // CNNVD: CNNVD-201607-496

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-95004 // JVNDB: JVNDB-2016-004559 // NVD: CVE-2016-6184

THREAT TYPE

local

Trust: 0.9

sources: BID: 91807 // CNNVD: CNNVD-201607-496

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201607-496

CONFIGURATIONS

sources: NVD: CVE-2016-6184

PATCH

title:	huawei-sa-20160716-01-smartphone	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160716-01-smartphone-en	Trust: 0.8
title:	HuaweiHonor4C driver patch for input validation vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/79493	Trust: 0.6
title:	Huawei Honor 4C Fixes for driver input verification security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62991	Trust: 0.6

sources: CNVD: CNVD-2016-05173 // JVNDB: JVNDB-2016-004559 // CNNVD: CNNVD-201607-496

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6184	Trust: 2.8
db:	BID	id:	91807	Trust: 1.5
db:	JVNDB	id:	JVNDB-2016-004559	Trust: 0.8
db:	CNNVD	id:	CNNVD-201607-496	Trust: 0.7
db:	CNVD	id:	CNVD-2016-05173	Trust: 0.6
db:	NSFOCUS	id:	34725	Trust: 0.6
db:	VULHUB	id:	VHN-95004	Trust: 0.1

sources: CNVD: CNVD-2016-05173 // VULHUB: VHN-95004 // BID: 91807 // JVNDB: JVNDB-2016-004559 // NVD: CVE-2016-6184 // CNNVD: CNNVD-201607-496

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160716-01-smartphone-en	Trust: 2.6
url:	http://www.securityfocus.com/bid/91807	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6184	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6184	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/34725	Trust: 0.6
url:	http://www.huawei.com	Trust: 0.3

sources: CNVD: CNVD-2016-05173 // VULHUB: VHN-95004 // BID: 91807 // JVNDB: JVNDB-2016-004559 // NVD: CVE-2016-6184 // CNNVD: CNNVD-201607-496

CREDITS

Yang Chengming, Yang Chao, You Ning, Xiao Peng and Song Yang of Alibaba Mobile Security Team.

Trust: 0.9

sources: BID: 91807 // CNNVD: CNNVD-201607-496

SOURCES

db:	CNVD	id:	CNVD-2016-05173
db:	VULHUB	id:	VHN-95004
db:	BID	id:	91807
db:	JVNDB	id:	JVNDB-2016-004559
db:	NVD	id:	CVE-2016-6184
db:	CNNVD	id:	CNNVD-201607-496

LAST UPDATE DATE

2023-12-18T12:51:30.762000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-05173	date:	2016-07-22T00:00:00
db:	VULHUB	id:	VHN-95004	date:	2016-09-08T00:00:00
db:	BID	id:	91807	date:	2016-07-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-004559	date:	2016-09-09T00:00:00
db:	NVD	id:	CVE-2016-6184	date:	2016-09-08T17:16:34.777
db:	CNNVD	id:	CNNVD-201607-496	date:	2016-09-08T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-05173	date:	2016-07-22T00:00:00
db:	VULHUB	id:	VHN-95004	date:	2016-09-07T00:00:00
db:	BID	id:	91807	date:	2016-07-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-004559	date:	2016-09-09T00:00:00
db:	NVD	id:	CVE-2016-6184	date:	2016-09-07T19:28:08.893
db:	CNNVD	id:	CNNVD-201607-496	date:	2016-07-19T00:00:00