exploitDog

CVE-2021-0411

Опубликовано: 25 окт. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

In flv extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561362; Issue ID: ALPS05561362.

Ссылки

https://corp.mediatek.com/product-security-bulletin/October-2021
Third Party Advisory
https://corp.mediatek.com/product-security-bulletin/October-2021
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 3%

0.00017

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-q3fm-m628-4xww

github

больше 3 лет назад

In flv extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561362; Issue ID: ALPS05561362.

EPSS

Процентиль: 3%

0.00017

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125