CVE-2017-0587

Name of the Vulnerable Software and Affected Versions Android versions 6.0 through 7.1.2

Description A remote code execution issue in libmpeg2 in Mediaserver could allow an attacker to cause memory corruption during media file and data processing using a specially crafted file. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. The vulnerability is caused by a buffer overflow in memory, which can be exploited by a remote attacker to damage memory and execute code remotely within the Mediaserver context using a specially crafted file.

Recommendations For Android versions 6.0 through 7.1.2, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.