CVE-2017-13160
https://notcve.org/view.php?id=CVE-2017-13160
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362. Existe una vulnerabilidad de ejecución remota de código en el sistema de Android (bluetooth). • http://www.securityfocus.com/bid/102109 https://source.android.com/security/bulletin/2017-12-01 • CWE-125: Out-of-bounds Read •
CVE-2017-13149
https://notcve.org/view.php?id=CVE-2017-13149
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. Existe una vulnerabilidad de divulgación de información en el framework multimedia de Android (n/a). • https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-13154
https://notcve.org/view.php?id=CVE-2017-13154
An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. Existe una vulnerabilidad de elevación de privilegios en el framework multimedia de Android (libstagefright). • https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-416: Use After Free •
CVE-2017-13156 – Android Janus - APK Signature Bypass
https://notcve.org/view.php?id=CVE-2017-13156
An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. Existe una vulnerabilidad de elevación de privilegios en el sistema de Android (art). • https://www.exploit-db.com/exploits/47601 https://github.com/xyzAsian/Janus-CVE-2017-13156 https://github.com/tea9/CVE-2017-13156-Janus https://github.com/M507/CVE-2017-13156 https://github.com/nahid0x1/Janus-Vulnerability-CVE-2017-13156-Exploit http://packetstormsecurity.com/files/155189/Android-Janus-APK-Signature-Bypass.html http://www.securityfocus.com/bid/102109 https://source.android.com/security/bulletin/2017-12-01 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2017-0874
https://notcve.org/view.php?id=CVE-2017-0874
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63315932. Existe una vulnerabilidad de denegación de servicio en el framework multimedia en Android (libavc). • http://www.securityfocus.com/bid/102126 https://source.android.com/security/bulletin/2017-12-01 • CWE-20: Improper Input Validation •