Difference between revisions of "Switch Userland Flaws"
Jump to navigation
Jump to search
(fckn RIP) |
|||
(3 intermediate revisions by 2 users not shown) | |||
Line 12: | Line 12: | ||
| CVE-2016-4657 | | CVE-2016-4657 | ||
| WebKit vuln discovered around August 2016. Most notably used in the iOS 9.3.X exploit. A simple PoC can be found [https://github.com/LiveOverflow/lo_nintendoswitch/blob/master/poc1.html here]. This was later exploited by [https://twitter.com/qwertyoruiopz Qwertyoruiop] using an adjusted version of his iOS 9.3 webkit exploit (others exploited this prior to then). | | WebKit vuln discovered around August 2016. Most notably used in the iOS 9.3.X exploit. A simple PoC can be found [https://github.com/LiveOverflow/lo_nintendoswitch/blob/master/poc1.html here]. This was later exploited by [https://twitter.com/qwertyoruiopz Qwertyoruiop] using an adjusted version of his iOS 9.3 webkit exploit (others exploited this prior to then). | ||
− | | [[ | + | | [[2.1.0]] |
− | | [[ | + | | [[2.0.0]] |
| Original: August 2016 | | Original: August 2016 | ||
Switch: March 3rd-4th 2017 | Switch: March 3rd-4th 2017 | ||
− | | | + | | Everyone |
|- | |- | ||
− | | | + | | CVE-2017-7005 |
− | | | + | | WebKit type confusion. |
− | | | + | | [[3.0.1]] |
− | + | | [[3.0.1]] | |
| | | | ||
+ | | Everyone | ||
+ | |- | ||
+ | | CVE-2016-4622 | ||
+ | | WebKit memory corruption bug. This bug was incorrectly re-introduced in [[4.0.0]]. See [http://www.phrack.org/papers/attacking_javascript_engines.html here] for a detailed write-up from the author. | ||
+ | | [[6.1.0]] | ||
+ | | [[6.1.0]] | ||
| | | | ||
+ | | Everyone | ||
|} | |} |
Revision as of 18:19, 30 October 2018
This page lists vulnerabilities / exploits for Nintendo Switch applications and applets.
Browser userspace
Summary | Description | Fixed with software update | Newest software update this flaw was checked for | Timeframe this was discovered | Discovered by |
---|---|---|---|---|---|
CVE-2016-4657 | WebKit vuln discovered around August 2016. Most notably used in the iOS 9.3.X exploit. A simple PoC can be found here. This was later exploited by Qwertyoruiop using an adjusted version of his iOS 9.3 webkit exploit (others exploited this prior to then). | 2.1.0 | 2.0.0 | Original: August 2016
Switch: March 3rd-4th 2017 |
Everyone |
CVE-2017-7005 | WebKit type confusion. | 3.0.1 | 3.0.1 | Everyone | |
CVE-2016-4622 | WebKit memory corruption bug. This bug was incorrectly re-introduced in 4.0.0. See here for a detailed write-up from the author. | 6.1.0 | 6.1.0 | Everyone |