» 2017 » 2월

CVE-2017-0414

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2017-0414

An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not have access to. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32807795.

Source: CVE-2017-0414

CVE-2016-8418

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2016-8418

A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product: Android. Versions: N/A. Android ID: A-32652894. References: QC-CR#1077457.

Source: CVE-2016-8418

CVE-2016-8480

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2016-8480

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31804432. References: QC-CR#1086186.

Source: CVE-2016-8480

CVE-2016-8420

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2016-8420

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32451171. References: QC-CR#1087807.

Source: CVE-2016-8420

CVE-2017-0406

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2017-0406

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. This affects the libhevc library. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32915871.

Source: CVE-2017-0406

CVE-2017-0410

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2017-0410

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31929765.

Source: CVE-2017-0410

CVE-2016-8421

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2016-8421

Source: CVE-2016-8421

CVE-2017-0408

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2017-0408

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-32769670.

Source: CVE-2017-0408

CVE-2017-0409

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2017-0409

A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31999646.

Source: CVE-2017-0409

CVE-2016-8476

Posted on 2017년 2월 9일2017년 2월 9일 by admin

CVE-2016-8476

Source: CVE-2016-8476