CVE-2017-13152
https://notcve.org/view.php?id=CVE-2017-13152
An information disclosure vulnerability in the Android media framework (libmedia drm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62872384. Existe una vulnerabilidad de divulgación de información en el framework multimedia de Android (libmedia drm). • https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-13149
https://notcve.org/view.php?id=CVE-2017-13149
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. Existe una vulnerabilidad de divulgación de información en el framework multimedia de Android (n/a). • https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-13154
https://notcve.org/view.php?id=CVE-2017-13154
An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. Existe una vulnerabilidad de elevación de privilegios en el framework multimedia de Android (libstagefright). • https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-416: Use After Free •
CVE-2017-13156 – Android Janus - APK Signature Bypass
https://notcve.org/view.php?id=CVE-2017-13156
An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. Existe una vulnerabilidad de elevación de privilegios en el sistema de Android (art). • https://www.exploit-db.com/exploits/47601 https://github.com/xyzAsian/Janus-CVE-2017-13156 https://github.com/tea9/CVE-2017-13156-Janus https://github.com/M507/CVE-2017-13156 https://github.com/nahid0x1/Janus-Vulnerability-CVE-2017-13156-Exploit http://packetstormsecurity.com/files/155189/Android-Janus-APK-Signature-Bypass.html http://www.securityfocus.com/bid/102109 https://source.android.com/security/bulletin/2017-12-01 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2017-0845
https://notcve.org/view.php?id=CVE-2017-0845
A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35028827. Existe una vulnerabilidad de denegación de servicio en el framework de Android (syncstorageengine). • https://source.android.com/security/bulletin/pixel/2017-11-01 • CWE-732: Incorrect Permission Assignment for Critical Resource •