exploitDog

CVE-2020-0161

Опубликовано: 11 июн. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127973550

Ссылки

https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00345

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-9vrh-qj2j-832m

github

больше 3 лет назад

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127973550

EPSS

Процентиль: 57%

0.00345

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20