NVD

Id
31363  
Name
CVE-2014-3100  
Description
Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-07-02  
Modified Date
2015-10-08  
Seq
2014-3100  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
164213 31363 CVE-2014-3100 http://packetstormsecurity.com/files/127185/Android-KeyStore-Stack-Buffer-Overflow.html  View
164214 31363 CVE-2014-3100 http://securityintelligence.com/android-keystore-stack-buffer-overflow-to-keep-things-simple-buffers-are-always-larger-than-needed/  View
164215 31363 CVE-2014-3100 20140623 Android KeyStore Stack Buffer Overflow (CVE-2014-3100)  View
164216 31363 CVE-2014-3100 68152  View
164217 31363 CVE-2014-3100 http://www.slideshare.net/ibmsecurity/android-keystorestackbufferoverflow  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14251 JVNDB-2014-003126 Android の KeyStore サービスの /system/bin/keystore におけるスタックベースのバッファオーバーフローの脆弱性 Android の KeyStore サービスの /system/bin/keystore 内の encode_key 関数には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2014-3100 70387 CVE-2014-3100 31363 5.1 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003126.html 2014-06-23 2014-07-04 View