
CVSS: 7.5 • EPSS: 9% • CPEs: 2 • EXPL: 2

Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.

References:
• https://www.exploit-db.com/exploits/31308
• http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
• http://securityreason.com/securityalert/3727
• http://www.coresecurity.com/?action=item&id=2148
• http://www.securityfocus.com/archive/1/489135/100/0/threaded
• http://www.securityfocus.com/bid/28006
• https://exchange.xforce.ibmcloud.com/vulnerabilities/40999

CWE-189: Numeric Errors

CVSS: 6.8 • EPSS: 9% • CPEs: 1 • EXPL: 2

Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width.

References:
• https://www.exploit-db.com/exploits/31307
• http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
• http://securityreason.com/securityalert/3727
• http://www.coresecurity.com/?action=item&id=2148
• http://www.securityfocus.com/archive/1/489135/100/0/threaded
• http://www.securityfocus.com/bid/28005
• https://exchange.xforce.ibmcloud.com/vulnerabilities/40998

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer