PT-2014-5089 · Google · Android
Published
2014-07-02
·
Updated
2018-10-09
·
CVE-2014-3100
CVSS v2.0
5.1
Medium
| Vector | AV:N/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Android version 4.3
Description
A stack-based buffer overflow issue exists in the encode key function within the KeyStore service, allowing attackers to execute arbitrary code. This could lead to the exposure of sensitive key information or the bypassing of restrictions on cryptographic operations. The issue can be triggered by a long key name.
Recommendations
For Android version 4.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android