Page 146 of 935 results (0.013 seconds)

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. • http://www.securityfocus.com/bid/98146 https://source.android.com/security/bulletin/2017-05-01 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34097672. • http://www.securityfocus.com/bid/98124 https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d https://source.android.com/security/bulletin/2017-05-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 29EXPL: 0

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34970788. • http://www.securityfocus.com/bid/98125 https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922 https://source.android.com/security/bulletin/2017-05-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 29EXPL: 0

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34749571. • http://www.securityfocus.com/bid/98131 https://source.android.com/security/bulletin/2017-05-01 • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32952839. • http://www.securityfocus.com/bid/98148 https://source.android.com/security/bulletin/2017-05-01 • CWE-264: Permissions, Privileges, and Access Controls •