Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Headunit_ntg6_mercedes\-Benz_user_experience
(Mercedes\-Benz)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-13 | CVE-2023-34397 | Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed. | Headunit_ntg6_mercedes\-Benz_user_experience | N/A | ||
| 2025-02-13 | CVE-2023-34398 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference. | Headunit_ntg6_mercedes\-Benz_user_experience | N/A | ||
| 2025-02-13 | CVE-2023-34399 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow. | Headunit_ntg6_mercedes\-Benz_user_experience | N/A | ||
| 2025-02-13 | CVE-2023-34400 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. In case of parsing file, service try to define header inside the file and convert it to null-terminated string. If character is missed, will return null pointer. | Headunit_ntg6_mercedes\-Benz_user_experience | N/A | ||
| 2025-02-13 | CVE-2023-34401 | Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside profile folder there is a file, which is encoded with proprietary UD2 codec. Due to missed size checks in the enapsulate file, attacker can achieve Out-of-Bound Read in heap memory. | Headunit_ntg6_mercedes\-Benz_user_experience | N/A |