CVE-2017-0716

2017-08-09 23:29:00 2019-10-03 02:03:26

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37203196.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Google Android 7.1.1 (not an official CPE) Google Android 7.1.0 (not an official CPE) Google Android 7.0 (not an official CPE) Google Android 6.0.1 (not an official CPE) Google Android 6.0 (not an official CPE) Google Android 7.1.2 (not an official CPE)

Google - Android

Advisory	Patch	Confirmed	Link
			100204
			https://source.android.com/security/bulletin/2017-08-01

Improper Validation of Array Index (ID 129)

Related CAPEC 1 Overflow Buffers (CAPEC-ID 100)