CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13256
https://notcve.org/view.php?id=CVE-2017-13256
In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13266
https://notcve.org/view.php?id=CVE-2017-13266
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-13265
https://notcve.org/view.php?id=CVE-2017-13265
A elevation of privilege vulnerability in the Android system (OTA updates). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-36232423. Vulnerabilidad de elevación de privilegios en el sistema de Android (actualizaciones OTA). • https://source.android.com/security/bulletin/pixel/2018-03-01 •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13255
https://notcve.org/view.php?id=CVE-2017-13255
In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13259
https://notcve.org/view.php?id=CVE-2017-13259
In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-125: Out-of-bounds Read •