CVE-2017-13228

{"id": "CVE-2017-13228", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-02-12T19:29:00.227", "references": [{"url": "http://www.securityfocus.com/bid/102976", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@android.com"}, {"url": "https://source.android.com/security/bulletin/2018-02-01", "tags": ["Vendor Advisory"], "source": "security@android.com"}, {"url": "http://www.securityfocus.com/bid/102976", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://source.android.com/security/bulletin/2018-02-01", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69478425."}, {"lang": "es", "value": "En la funci\u00f3n ih264d_ref_idx_reordering de libavc, hay una escritura fuera de l\u00edmites debido a que modCount se define como car\u00e1cter no firmado. Esto podr\u00eda llevar a una ejecuci\u00f3n remota de c\u00f3digo sin necesitar privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para explotarlo. Producto: Android. Versiones: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69478425."}], "lastModified": "2024-11-21T03:11:11.920", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295"}, {"criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807"}, {"criteria": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09E6085C-A61E-4A89-BF80-EDD9A7DF1E47"}, {"criteria": "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D835D592-2423-44C6-804A-3AD010112E7C"}, {"criteria": "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "568E2561-A068-46A2-B331-BBA91FC96F0C"}, {"criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033"}, {"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2"}], "operator": "OR"}]}], "sourceIdentifier": "security@android.com"}