Integer Overflow Vulnerabilities in NDEF Record Parser

Integer Overflow Vulnerabilities in NDEF Record Parser

CVE-2015-8041 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.

Learn more about our Web Application Penetration Testing UK.