CVE-2018-16595

CVSS v3 6.5 MEDIUM
CVSS v2.0 3.3 LOW

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

he Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.

References

Link	Resource
https://fortiguard.com/zeroday/FG-VD-18-036	Third Party Advisory
https://www.sony.co.uk/electronics/support/articles/00201041	Patch Vendor Advisory
https://fortiguard.com/zeroday/FG-VD-18-036	Third Party Advisory
https://www.sony.co.uk/electronics/support/articles/00201041	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sony:r5c_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:kdl-32r500c:-:::::::*
	cpe:2.3:h:sony:kdl-32r503c:-:::::::*
	cpe:2.3:h:sony:kdl-32r505c:-:::::::*
	cpe:2.3:h:sony:kdl-40r550c:-:::::::*
	cpe:2.3:h:sony:kdl-40r553c:-:::::::*
	cpe:2.3:h:sony:kdl-40r555c:-:::::::*
	cpe:2.3:h:sony:kdl-48r550c:-:::::::*
	cpe:2.3:h:sony:kdl-48r553c:-:::::::*
	cpe:2.3:h:sony:kdl-48r555c:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:sony:wd75_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:kdl-32wd750:-:::::::*
	cpe:2.3:h:sony:kdl-32wd751:-:::::::*
	cpe:2.3:h:sony:kdl-32wd752:-:::::::*
	cpe:2.3:h:sony:kdl-32wd753:-:::::::*
	cpe:2.3:h:sony:kdl-32wd754:-:::::::*
	cpe:2.3:h:sony:kdl-32wd755:-:::::::*
	cpe:2.3:h:sony:kdl-32wd756:-:::::::*
	cpe:2.3:h:sony:kdl-32wd757:-:::::::*
	cpe:2.3:h:sony:kdl-32wd758:-:::::::*
	cpe:2.3:h:sony:kdl-32wd759:-:::::::*
	cpe:2.3:h:sony:kdl-43wd750:-:::::::*
	cpe:2.3:h:sony:kdl-43wd751:-:::::::*
	cpe:2.3:h:sony:kdl-43wd752:-:::::::*
	cpe:2.3:h:sony:kdl-43wd753:-:::::::*
	cpe:2.3:h:sony:kdl-43wd754:-:::::::*
	cpe:2.3:h:sony:kdl-43wd755:-:::::::*
	cpe:2.3:h:sony:kdl-43wd756:-:::::::*
	cpe:2.3:h:sony:kdl-43wd757:-:::::::*
	cpe:2.3:h:sony:kdl-43wd758:-:::::::*
	cpe:2.3:h:sony:kdl-43wd759:-:::::::*
	cpe:2.3:h:sony:kdl-49wd750:-:::::::*
	cpe:2.3:h:sony:kdl-49wd751:-:::::::*
	cpe:2.3:h:sony:kdl-49wd752:-:::::::*
	cpe:2.3:h:sony:kdl-49wd753:-:::::::*
	cpe:2.3:h:sony:kdl-49wd754:-:::::::*
	cpe:2.3:h:sony:kdl-49wd755:-:::::::*
	cpe:2.3:h:sony:kdl-49wd756:-:::::::*
	cpe:2.3:h:sony:kdl-49wd757:-:::::::*
	cpe:2.3:h:sony:kdl-49wd758:-:::::::*
	cpe:2.3:h:sony:kdl-49wd759:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:sony:wd65_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:kdl-40wd650:-:::::::*
	cpe:2.3:h:sony:kdl-40wd653:-:::::::*
	cpe:2.3:h:sony:kdl-40wd655:-:::::::*
	cpe:2.3:h:sony:kdl-48wd650:-:::::::*
	cpe:2.3:h:sony:kdl-48wd653:-:::::::*
	cpe:2.3:h:sony:kdl-48wd655:-:::::::*

Configuration 4 (hide)

AND

cpe:2.3:o:sony:xe70_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:kd-43xe7000:-:::::::*
	cpe:2.3:h:sony:kd-43xe7002:-:::::::*
	cpe:2.3:h:sony:kd-43xe7003:-:::::::*
	cpe:2.3:h:sony:kd-43xe7004:-:::::::*
	cpe:2.3:h:sony:kd-43xe7005:-:::::::*
	cpe:2.3:h:sony:kd-43xe7073:-:::::::*
	cpe:2.3:h:sony:kd-43xe7077:-:::::::*
	cpe:2.3:h:sony:kd-43xe7093:-:::::::*
	cpe:2.3:h:sony:kd-43xe7096:-:::::::*
	cpe:2.3:h:sony:kd-49xe7000:-:::::::*
	cpe:2.3:h:sony:kd-49xe7002:-:::::::*
	cpe:2.3:h:sony:kd-49xe7003:-:::::::*
	cpe:2.3:h:sony:kd-49xe7004:-:::::::*
	cpe:2.3:h:sony:kd-49xe7005:-:::::::*
	cpe:2.3:h:sony:kd-49xe7073:-:::::::*
	cpe:2.3:h:sony:kd-49xe7077:-:::::::*
	cpe:2.3:h:sony:kd-49xe7093:-:::::::*
	cpe:2.3:h:sony:kd-49xe7096:-:::::::*
	cpe:2.3:h:sony:kd-55xe7000:-:::::::*
	cpe:2.3:h:sony:kd-55xe7002:-:::::::*
	cpe:2.3:h:sony:kd-55xe7003:-:::::::*
	cpe:2.3:h:sony:kd-55xe7004:-:::::::*
	cpe:2.3:h:sony:kd-55xe7005:-:::::::*
	cpe:2.3:h:sony:kd-55xe7073:-:::::::*
	cpe:2.3:h:sony:kd-55xe7077:-:::::::*
	cpe:2.3:h:sony:kd-55xe7093:-:::::::*
	cpe:2.3:h:sony:kd-55xe7096:-:::::::*
	cpe:2.3:h:sony:kd-65xe7002:-:::::::*
	cpe:2.3:h:sony:kd-65xe7003:-:::::::*
	cpe:2.3:h:sony:kd-65xe7004:-:::::::*
	cpe:2.3:h:sony:kd-65xe7005:-:::::::*
	cpe:2.3:h:sony:kd-65xe7093:-:::::::*
	cpe:2.3:h:sony:kd-65xe7096:-:::::::*

Configuration 5 (hide)

AND

cpe:2.3:o:sony:xf70_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sony:xf70:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:sony:we75_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:kdl-43we750:-:::::::*
	cpe:2.3:h:sony:kdl-43we753:-:::::::*
	cpe:2.3:h:sony:kdl-43we754:-:::::::*
	cpe:2.3:h:sony:kdl-43we755:-:::::::*
	cpe:2.3:h:sony:kdl-49we750:-:::::::*
	cpe:2.3:h:sony:kdl-49we753:-:::::::*
	cpe:2.3:h:sony:kdl-49we754:-:::::::*
	cpe:2.3:h:sony:kdl-49we755:-:::::::*

Configuration 7 (hide)

AND

cpe:2.3:o:sony:we6_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:kdl-32we610:-:::::::*
	cpe:2.3:h:sony:kdl-32we613:-:::::::*
	cpe:2.3:h:sony:kdl-32we615:-:::::::*
	cpe:2.3:h:sony:kdl-40we660:-:::::::*
	cpe:2.3:h:sony:kdl-40we663:-:::::::*
	cpe:2.3:h:sony:kdl-40we665:-:::::::*
	cpe:2.3:h:sony:kdl-49we660:-:::::::*
	cpe:2.3:h:sony:kdl-49we663:-:::::::*
	cpe:2.3:h:sony:kdl-49we665:-:::::::*

Configuration 8 (hide)

AND

cpe:2.3:o:sony:wf6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sony:wf6:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:53

Type	Values Removed	Values Added
References	~~() https://fortiguard.com/zeroday/FG-VD-18-036 - Third Party Advisory~~	() https://fortiguard.com/zeroday/FG-VD-18-036 - Third Party Advisory
References	~~() https://www.sony.co.uk/electronics/support/articles/00201041 - Patch, Vendor Advisory~~	() https://www.sony.co.uk/electronics/support/articles/00201041 - Patch, Vendor Advisory

Information

Published : 2019-06-19 19:15

Updated : 2024-11-21 03:53

NVD link : CVE-2018-16595

Mitre link : CVE-2018-16595

CVE.ORG link : CVE-2018-16595

JSON object : View

Products Affected

sony

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

6.5 /10

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

3.3 /10

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2018-16595

6.5^/10

3.3^/10

Attach tags to `CVE-2018-16595`