CVE-2017-0588

Name of the Vulnerable Software and Affected Versions Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2

Description A remote code execution issue in the Mediaserver process could allow an attacker to cause memory corruption during media file and data processing using a specially crafted file. This issue is related to a buffer overflow operation in the id3/ID3.cpp component of libstagefright. The exploitation of this issue may enable an attacker to execute code remotely within the context of the Mediaserver process.

Recommendations For Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.