CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9507
https://notcve.org/view.php?id=CVE-2018-9507
In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111893951 En bta_av_proc_meta_cmd de bta_av_act.cc, hay una posible lectura fuera de límites debido a una comprobación de límites incorrecta. Esto podría llevar a una divulgación remota de información por Buetooth sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105482 https://android.googlesource.com/platform/system/bt/+/30cec963095366536ca0b1306089154e09bfe1a9 https://source.android.com/security/bulletin/2018-10-01 https://source.android.com/security/bulletin/2018-10-01%2C • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9452
https://notcve.org/view.php?id=CVE-2018-9452
In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width calculation. This could lead to remote denial of service if a contact with many hidden unicode characters were sent to the device and used by a local app, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-78464361 En getOffsetForHorizontal de Layout.java, hay un posible bloqueo de aplicación debido a un cálculo de ancho lento. Esto podría conducir a una denegación de servicio (DoS) remota si un contacto con muchos caracteres Unicode ocultos se envía al dispositivo y es empleado por una aplicación local, sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105484 https://android.googlesource.com/platform/frameworks/base/+/3b6f84b77c30ec0bab5147b0cffc192c86ba2634 https://android.googlesource.com/platform/frameworks/base/+/54f661b16b308cf38d1b9703214591c0f83df64d%2C https://source.android.com/security/bulletin/2018-10-01%2C • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9476
https://notcve.org/view.php?id=CVE-2018-9476
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-109699112 En avrc_pars_browsing_cmd en avrc_pars_tg.cc, hay un posible uso de memoria previamente liberada debido a un bloqueo incorrecto. Esto podría llevar a un escalado de privilegios remoto en el servicio Bluetooth sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105482 https://android.googlesource.com/platform/system/bt/+/dd28d8ddf2985d654781770c691c60b45d7f32b4 https://source.android.com/security/bulletin/2018-10-01%2C • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9490
https://notcve.org/view.php?id=CVE-2018-9490
In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046 En CollectValuesOrEntriesImpl de elements.cc, hay uan posible ejecución remota de código debido a una confusión de tipos. • http://www.securityfocus.com/bid/105484 https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382%2C https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb https://source.android.com/security/bulletin/2018-10-01%2C • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9493
https://notcve.org/view.php?id=CVE-2018-9493
In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900 En el proveedor de contenidos del gestor de descargas, hay una posible inyección SQL debido a una validación de entradas incorrecta. Esto podría llevar a una divulgación de información local sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105484 https://android.googlesource.com/platform/frameworks/base/+/462aaeaa616e0bb1342e8ef7b472acc0cbc93deb%2C https://android.googlesource.com/platform/frameworks/base/+/ebc250d16c747f4161167b5ff58b3aea88b37acf https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/e7364907439578ce5334bce20bb03fef2e88b107%2C https://source.android.com/security/bulletin/2018-10-01%2C • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •