Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-0663

Опубликовано: 14 июн. 2017
Источник: debian
EPSS Низкий

Описание

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libxml2fixed2.9.4+dfsg1-3.1package

Примечания

  • https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public)

  • https://android.googlesource.com/platform/external/libxml2/+/521b88fbb6d18312923f0df653d045384b500ffc

  • Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/92b9e8c8b3787068565a1820ba575d042f9eec66

EPSS

Процентиль: 80%
0.0134
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2017-0663

CVSS3: 7.8
ubuntu
больше 8 лет назад

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.

redhat логотип

CVE-2017-0663

CVSS3: 8.1
redhat
почти 9 лет назад

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.

nvd логотип

CVE-2017-0663

CVSS3: 7.8
nvd
больше 8 лет назад

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.

github логотип

GHSA-9cf7-h7g3-cg3p

CVSS3: 7.8
github
больше 3 лет назад

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.

suse-cvrf логотип

openSUSE-SU-2017:1746-1

suse-cvrf
больше 8 лет назад

Security update for libxml2

EPSS

Процентиль: 80%
0.0134
Низкий