PT-2018-19007 · Google · Android
Publicado
2018-11-06
·
Atualizado
2018-12-12
·
CVE-2018-9437
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions 6.0 through 8.1
Description
The issue is related to a possible out-of-bounds read in the
getstring function of ID3.cpp due to a missing bounds check. This could lead to a remote denial of service, and no additional execution privileges are needed. User interaction is required for exploitation.Recommendations
For Android versions 6.0 through 8.1, update to a version that includes the fix for this issue to prevent potential remote denial of service attacks.
Correção
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android