CVE-2016-2497

Name of the Vulnerable Software and Affected Versions Android versions 4.x before 4.4.4 Android versions 5.0.x before 5.0.2 Android versions 5.1.x before 5.1.1 Android versions 6.x before 2016-08-01

Description The issue allows attackers to increase intent-filter priority via a crafted application. This is caused by a buffer overflow in the services/core/java/com/android/server/pm/PackageManagerService.java file in the framework APIs. Exploitation of the issue may allow a remote attacker to increase the priority of an intent-filter using a specially crafted application.

Recommendations For Android versions 4.x before 4.4.4, update to version 4.4.4 or later. For Android versions 5.0.x before 5.0.2, update to version 5.0.2 or later. For Android versions 5.1.x before 5.1.1, update to version 5.1.1 or later. For Android versions 6.x before 2016-08-01, update to a version released after 2016-08-01.