PT-2018-1123 · Google · Android

Published

2018-03-05

Updated

2018-04-06

CVE-2016-10393

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android versions (affected versions not specified)

Description The issue is related to an integer overflow in the Android operating system from the CAF repository. This can be exploited by a remote attacker to cause a buffer overflow in memory. The problem occurs when processing a clip with large size values, leading to integer arithmetic overflows. As a result, the allocated buffer size becomes less than the intended buffer size, causing subsequent buffer operations to overflow the allocated buffer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-119

Related Identifiers

BDU:2018-00546

CVE-2016-10393

Affected Products

Android

PT-2018-1123 · Google · Android

CVE-2016-10393

Weakness Enumeration

Related Identifiers

Affected Products

References · 4