[월:] 2017년 03월

CVE-2017-0472 (android)

Posted on by admin

CVE-2017-0472 (android)

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33862021.

Source: CVE-2017-0472 (android)

CVE-2017-0494 (android)

Posted on by admin

CVE-2017-0494 (android)

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32764144.

Source: CVE-2017-0494 (android)

CVE-2017-0492 (android)

Posted on by admin

CVE-2017-0492 (android)

An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Versions: 7.1.1. Android ID: A-30150688.

Source: CVE-2017-0492 (android)

CVE-2017-0478 (android)

Posted on by admin

CVE-2017-0478 (android)

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33718716.

Source: CVE-2017-0478 (android)

CVE-2017-0477 (android)

Posted on by admin

CVE-2017-0477 (android)

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-33621647.

Source: CVE-2017-0477 (android)

CVE-2017-0467 (android)

Posted on by admin

CVE-2017-0467 (android)

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33250932.

Source: CVE-2017-0467 (android)

CVE-2017-0471 (android)

Posted on by admin

CVE-2017-0471 (android)

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33816782.

Source: CVE-2017-0471 (android)

CVE-2017-0470 (android)

Posted on by admin

CVE-2017-0470 (android)

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818500.

Source: CVE-2017-0470 (android)