Bugs & Vulnerabilities

From PS3 Developer wiki
Revision as of 21:33, 8 June 2013 by Euss (talk | contribs)
Jump to navigation Jump to search


http://cxsecurity.com/issue/WLB-2007030183 "Remote Play" Remote DoS Exploit
patched: ?

http://cxsecurity.com/issue/WLB-2008070060 Memory corruption and NULL pointer in Unreal Tournament III 1.2
unsure if applies to PS3?

http://cxsecurity.com/issue/WLB-2010010162 MacOS X 10.5/10.6 libc/strtod(3) buffer overflow
unsure if applies to PS3?

http://seclists.org/fulldisclosure/2007/Jan/474 OpenPrinter() stack-based buffer overflow
patched: ?

http://seclists.org/fulldisclosure/2009/Jul/299 DOM flaw
patched: ?

http://seclists.org/fulldisclosure/2013/May/113 PARAM.SFO stack-based buffer overflow
patched: since 2012-05-01 (4.40 and later)

AVP patch bypass exploit
patched: since 3.70 and later

PSN security intrusion patched: since 3.61 enforced password change

http://www.vulnerability-lab.com/get_content.php?id=740 Sony PSN Account Service - Password Reset Vulnerability
patched: since 2012-05-01

Private key nonrandom fail
patched: since 3.56

JIG downgrade
patched: since 3.56

USB config stack-based buffer overflow (PSjailbreak/PSGroove)
patched: since 3.42 and later

Lead year bug
patched: since 3.40 and later

MP4 vulnerability
patched: since 3.21 and later

Playback of Cinavia DRM protected titles
patched: since 3.10 and later

Open Remote Play
patched: since 2.80 and later

BD-J homebrew
patched: since 2.50 and later

Downgrading with Hardware flasher
patched: since 2.20 and later (by adding CoreOS hashing in Syscon to be checked by hypervisor; worked around by patching hypervisor on 3.56 and lower capable consoles)

Full RSX access in OtherOS
patched: since 2.10 and later