PT-2017-10587 · Google · Android+1
Published
2017-06-14
·
Updated
2017-07-08
·
CVE-2017-0647
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2
Description
An information disclosure issue in libziparchive could allow a local malicious application to access data outside of its permission levels, potentially accessing sensitive data without permission.
Recommendations
For Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, update to a version that includes the fix for this issue to prevent potential data access without permission.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Libziparchive