PT-2019-16131 · FFmpeg+1 · Libmpeg2+1
Publicado
2019-04-19
·
Atualizado
2019-04-22
·
CVE-2019-2028
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions Android-7.0 through Android-9
Description
The issue is related to numerous hand-crafted functions in libmpeg2 where NEON registers are not preserved, potentially leading to remote code execution without requiring additional execution privileges. User interaction is necessary for exploitation.
Recommendations
For Android versions Android-7.0 through Android-9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Libmpeg2