This page lists vulnerabilities / exploits for 3DS applications and applets. Exploiting these initially results in ROP.
Non-system applications
Application name
|
Summary
|
Description
|
Fixed in version
|
Last version this flaw was checked for
|
Timeframe this was discovered
|
Discovered by
|
Cubic Ninja
|
Map-data stack smash
|
See here regarding Ninjhax.
|
None
|
|
|
smea
|
System applications
Summary
|
Description
|
Fixed in version
|
Last version this flaw was checked for
|
Timeframe this was discovered
|
Discovered by
|
3DS System Settings DS profile string stack-smash
|
Too long or corrupted strings (01Ah 2 Nickname length in characters 050h 2 Message length in characters) in the NVRAM DS user settings (System Settings->Other Settings->Profile->Nintendo DS Profile) cause it to crash in 3DS-mode due to a stack-smash. The DSi is not vulnerable to this, DSi launcher(menu) and DSi System Settings will reset the NVRAM user-settings if the length field values are too long(same result as when the CRCs are invalid). TWL_FIRM also resets the NVRAM user-settings when the string-length(s) are too long.
|
7.0.0-13
|
7.0.0-13
|
2012
|
Ichfly
|
System applets