CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1001
https://notcve.org/view.php?id=CVE-2011-1001
08 Jul 2011 — dexdump in Android SDK before 2.3 does not properly perform structural verification, which allows user-assisted remote attackers to cause a denial of service (dexdump crash) and possibly execute arbitrary code via a malformed APK or dex file that calls a method using more arguments than the number of register that have been declared for that method. dexdump en Android SDK antes de v2.3 no realiza correctamente la verificación estructural, lo que permite a atacantes remotos asistidos por el usuario provocar ... • http://android.git.kernel.org/?p=platform/dalvik.git%3Ba=commit%3Bh=4b0750e8df91220690bb417f45d7ae8b7851b220 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0606
https://notcve.org/view.php?id=CVE-2009-0606
17 Feb 2009 — The link_image function in linker/linker.c in the dynamic linker in Bionic in Open Handset Alliance Android 1.0 on the T-Mobile G1 phone does not properly handle file descriptors 0, 1, and 2 for a setgid program, which allows local users to create arbitrary files owned by certain groups, possibly a related issue to CVE-2002-0820. La función link_image en linker/linker.c en the dynamic linker en Bionic en Open Handset Alliance Android v1.0 en el teléfono T-Mobile G1 no maneja adecuadamente los descriptores d... • http://www.securityfocus.com/archive/1/500753/100/0/threaded • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0607
https://notcve.org/view.php?id=CVE-2009-0607
17 Feb 2009 — Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions. Múltiples desbordamientos de entero en malloc_leak.c en Bionic en Open Handset Alliance Android v1.0 tienen un impacto y vectores de ataque desconocidos, relacionado con las funciones (1)chk_calloc y (2)leak_calloc, • http://www.securityfocus.com/archive/1/500753/100/0/threaded • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0608
https://notcve.org/view.php?id=CVE-2009-0608
17 Feb 2009 — Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance Android 1.0 allows attackers to trigger a buffer overflow and possibly have unspecified other impact by sending a large number of input lines. Desbordamiento de entero en la función showLog en fake_log_device.c en liblog en Open Handset Alliance Android v1.0 permite a atacantes provocar un desbordamiento de búfer y posiblemente tener otro impacto no especificado mediante el envío de de un gran número de líneas d... • http://www.securityfocus.com/archive/1/500753/100/0/threaded • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 7%CPEs: 2EXPL: 2CVE-2008-0986 – Google Android Web Browser - '.BMP' File Integer Overflow
https://notcve.org/view.php?id=CVE-2008-0986
06 Mar 2008 — Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. Desbordamiento de entero en el método BMP::readFromStream de la librería libsgl.so de Google Android SDK m3-rc37a y versiones anteriores, y m5-rc14, permite a atacantes remotos la ejecución de código de su elección a través de un fichero BMP manipulado con... • https://www.exploit-db.com/exploits/31308 • CWE-189: Numeric Errors •