PT-2014-5089 · Google · Android
Publicado
2014-07-02
·
Atualizado
2018-10-09
·
CVE-2014-3100
CVSS v2.0
5.1
Média
| Vetor | AV:N/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Android version 4.3
Description
A stack-based buffer overflow issue exists in the encode key function within the KeyStore service, allowing attackers to execute arbitrary code. This could lead to the exposure of sensitive key information or the bypassing of restrictions on cryptographic operations. The issue can be triggered by a long key name.
Recommendations
For Android version 4.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android