exploitDog

CVE-2019-9268

Опубликовано: 27 сент. 2019

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

In libstagefright, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77474014

Ссылки

https://source.android.com/security/bulletin/android-10
Vendor Advisory
https://source.android.com/security/bulletin/android-10
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00013

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-vqpx-27gj-qfc5

github

больше 3 лет назад

In libstagefright, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77474014

EPSS

Процентиль: 2%

0.00013

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-416