CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2017-0663
https://notcve.org/view.php?id=CVE-2017-0663
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170. • http://www.debian.org/security/2017/dsa-3952 http://www.securityfocus.com/bid/98877 http://www.securitytracker.com/id/1038623 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/201711-01 https://source.android.com/security/bulletin/2017-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2017-0641
https://notcve.org/view.php?id=CVE-2017-0641
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591. • http://www.securityfocus.com/bid/98868 http://www.securitytracker.com/id/1038623 https://android.googlesource.com/platform/external/libvpx/+/698796fc930baecf5c3fdebef17e73d5d9a58bcb https://source.android.com/security/bulletin/2017-06-01 • CWE-665: Improper Initialization •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2017-0644
https://notcve.org/view.php?id=CVE-2017-0644
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-35472997. • http://www.securityfocus.com/bid/98868 http://www.securitytracker.com/id/1038623 https://source.android.com/security/bulletin/2017-06-01 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-0646
https://notcve.org/view.php?id=CVE-2017-0646
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337. • http://www.securityfocus.com/bid/98871 http://www.securitytracker.com/id/1038623 https://source.android.com/security/bulletin/2017-06-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0600
https://notcve.org/view.php?id=CVE-2017-0600
A remote denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35269635. • https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0 https://source.android.com/security/bulletin/2017-05-01 •