CVE-2017-0411

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*

History

21 Nov 2024, 03:02

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/96056 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/96056 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1037798 - () http://www.securitytracker.com/id/1037798 -
References () https://source.android.com/security/bulletin/2017-02-01.html - Vendor Advisory () https://source.android.com/security/bulletin/2017-02-01.html - Vendor Advisory
References () https://www.exploit-db.com/exploits/41354/ - () https://www.exploit-db.com/exploits/41354/ -

Information

Published : 2017-02-08 15:59

Updated : 2024-11-21 03:02


NVD link : CVE-2017-0411

Mitre link : CVE-2017-0411

CVE.ORG link : CVE-2017-0411


JSON object : View

Products Affected

google

  • android
CWE
CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition