Описание
Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01042
Низкий
5.1 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.
EPSS
Процентиль: 77%
0.01042
Низкий
5.1 Medium
CVSS2
Дефекты
CWE-119