Difference between revisions of "Switch Userland Flaws"
Jump to navigation
Jump to search
(Created page with "= Switch Userland Flaws = (fill this) == Browser userspace == ===WebKit=== {| class="wikitable" border="1" ! Summary ! Description ! Fixed with software update ! Newest s...") |
(fckn RIP) |
||
(14 intermediate revisions by 6 users not shown) | |||
Line 1: | Line 1: | ||
− | + | This page lists vulnerabilities / exploits for Nintendo Switch applications and applets. | |
− | + | ||
== Browser userspace == | == Browser userspace == | ||
− | |||
{| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
! Summary | ! Summary | ||
Line 11: | Line 10: | ||
! Discovered by | ! Discovered by | ||
|- | |- | ||
− | | CVE-2016-4657 | + | | CVE-2016-4657 |
− | | A | + | | WebKit vuln discovered around August 2016. Most notably used in the iOS 9.3.X exploit. A simple PoC can be found [https://github.com/LiveOverflow/lo_nintendoswitch/blob/master/poc1.html here]. This was later exploited by [https://twitter.com/qwertyoruiopz Qwertyoruiop] using an adjusted version of his iOS 9.3 webkit exploit (others exploited this prior to then). |
− | | | + | | [[2.1.0]] |
− | | 2.0.0 | + | | [[2.0.0]] |
− | | | + | | Original: August 2016 |
− | | | + | Switch: March 3rd-4th 2017 |
+ | | Everyone | ||
|- | |- | ||
+ | | CVE-2017-7005 | ||
+ | | WebKit type confusion. | ||
+ | | [[3.0.1]] | ||
+ | | [[3.0.1]] | ||
+ | | | ||
+ | | Everyone | ||
+ | |- | ||
+ | | CVE-2016-4622 | ||
+ | | WebKit memory corruption bug. This bug was incorrectly re-introduced in [[4.0.0]]. See [http://www.phrack.org/papers/attacking_javascript_engines.html here] for a detailed write-up from the author. | ||
+ | | [[6.1.0]] | ||
+ | | [[6.1.0]] | ||
+ | | | ||
+ | | Everyone | ||
|} | |} |
Revision as of 18:19, 30 October 2018
This page lists vulnerabilities / exploits for Nintendo Switch applications and applets.
Browser userspace
Summary | Description | Fixed with software update | Newest software update this flaw was checked for | Timeframe this was discovered | Discovered by |
---|---|---|---|---|---|
CVE-2016-4657 | WebKit vuln discovered around August 2016. Most notably used in the iOS 9.3.X exploit. A simple PoC can be found here. This was later exploited by Qwertyoruiop using an adjusted version of his iOS 9.3 webkit exploit (others exploited this prior to then). | 2.1.0 | 2.0.0 | Original: August 2016
Switch: March 3rd-4th 2017 |
Everyone |
CVE-2017-7005 | WebKit type confusion. | 3.0.1 | 3.0.1 | Everyone | |
CVE-2016-4622 | WebKit memory corruption bug. This bug was incorrectly re-introduced in 4.0.0. See here for a detailed write-up from the author. | 6.1.0 | 6.1.0 | Everyone |