Vulnerability-Lookup

CNVD-2018-20054

Vulnerability from cnvd - Published: 2018-09-28

Title

Samsung Notes路径遍历漏洞

Description

Samsung Notes是韩国三星（Samsung）公司的一款Notes系列智能手机产品。 Samsung Notes中ZIP文件的处理存在路径遍历漏洞，该漏洞源于进行文件操作时程序在使用用户提交的路径之前，未能正确的验证该路径。本地攻击者可利用该漏洞提升权限。

Severity

中

Patch Name

Samsung Notes路径遍历漏洞的补丁

Patch Description

Samsung Notes是韩国三星（Samsung）公司的一款Notes系列智能手机产品。 Samsung Notes中ZIP文件的处理存在路径遍历漏洞，该漏洞源于进行文件操作时程序在使用用户提交的路径之前，未能正确的验证该路径。本地攻击者可利用该漏洞提升权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.samsung.com/

Reference

https://www.zerodayinitiative.com/advisories/ZDI-18-561/

Impacted products

Name
Samsung Notes

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-10501"
    }
  },
  "description": "Samsung Notes\u662f\u97e9\u56fd\u4e09\u661f\uff08Samsung\uff09\u516c\u53f8\u7684\u4e00\u6b3eNotes\u7cfb\u5217\u667a\u80fd\u624b\u673a\u4ea7\u54c1\u3002\r\n\r\nSamsung Notes\u4e2dZIP\u6587\u4ef6\u7684\u5904\u7406\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8fdb\u884c\u6587\u4ef6\u64cd\u4f5c\u65f6\u7a0b\u5e8f\u5728\u4f7f\u7528\u7528\u6237\u63d0\u4ea4\u7684\u8def\u5f84\u4e4b\u524d\uff0c\u672a\u80fd\u6b63\u786e\u7684\u9a8c\u8bc1\u8be5\u8def\u5f84\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "discovererName": "MWR Labs - Alex Plaskett,James Loureiro,Robert Miller and Georgi Geshev",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.samsung.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-20054",
  "openTime": "2018-09-28",
  "patchDescription": "Samsung Notes\u662f\u97e9\u56fd\u4e09\u661f\uff08Samsung\uff09\u516c\u53f8\u7684\u4e00\u6b3eNotes\u7cfb\u5217\u667a\u80fd\u624b\u673a\u4ea7\u54c1\u3002\r\n\r\nSamsung Notes\u4e2dZIP\u6587\u4ef6\u7684\u5904\u7406\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8fdb\u884c\u6587\u4ef6\u64cd\u4f5c\u65f6\u7a0b\u5e8f\u5728\u4f7f\u7528\u7528\u6237\u63d0\u4ea4\u7684\u8def\u5f84\u4e4b\u524d\uff0c\u672a\u80fd\u6b63\u786e\u7684\u9a8c\u8bc1\u8be5\u8def\u5f84\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Samsung Notes\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Samsung Notes"
  },
  "referenceLink": "https://www.zerodayinitiative.com/advisories/ZDI-18-561/",
  "serverity": "\u4e2d",
  "submitTime": "2018-08-31",
  "title": "Samsung Notes\u8def\u5f84\u904d\u5386\u6f0f\u6d1e"
}

CVE-2018-10501 (GCVE-0-2018-10501)

Vulnerability from cvelistv5 – Published: 2018-09-24 23:00 – Updated: 2024-08-05 07:39

Summary

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358.

Severity ?

No CVSS data available.

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

zdi

References

URL

Tags

https://zerodayinitiative.com/advisories/ZDI-18-561

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Samsung	Samsung Notes	Affected: Fixed in version 2.0.02.31

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:39:08.068Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://zerodayinitiative.com/advisories/ZDI-18-561"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Samsung Notes",
          "vendor": "Samsung",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in version 2.0.02.31"
            }
          ]
        }
      ],
      "datePublic": "2018-06-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-24T22:57:01.000Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://zerodayinitiative.com/advisories/ZDI-18-561"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "zdi-disclosures@trendmicro.com",
          "ID": "CVE-2018-10501",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Samsung Notes",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in version 2.0.02.31"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Samsung"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://zerodayinitiative.com/advisories/ZDI-18-561",
              "refsource": "MISC",
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-561"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2018-10501",
    "datePublished": "2018-09-24T23:00:00.000Z",
    "dateReserved": "2018-04-27T00:00:00.000Z",
    "dateUpdated": "2024-08-05T07:39:08.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-20054

CVE-2018-10501 (GCVE-0-2018-10501)

Tags

Sightings

Nomenclature