exploitDog

CVE-2020-0163

Опубликовано: 11 июн. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124525515

Ссылки

https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00345

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-xj8x-7mfc-6m6j

github

больше 3 лет назад

In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124525515

EPSS

Процентиль: 57%

0.00345

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20