Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-0594

Опубликовано: 12 мая 2017
Источник: ubuntu
Приоритет: medium
CVSS2: 9.3
CVSS3: 7.8

Описание

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-apps/xenial

ignored

abandoned
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

needs-triage

vivid/stable-phone-overlay

ignored

end of life

Показывать по

Ссылки на источники

9.3 Critical

CVSS2

7.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-0594

CVSS3: 7.8
nvd
больше 8 лет назад

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.

github логотип

GHSA-f547-g27r-g9jh

CVSS3: 7.8
github
больше 3 лет назад

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.

fstec логотип

BDU:2017-01211

fstec
больше 8 лет назад

Уязвимость функции codecs/aacenc/SoftAACEncoder2.cpp службы libstagefright приложения Mediaserver операционной системы Android, позволяющая нарушителю выполнить произвольный код

9.3 Critical

CVSS2

7.8 High

CVSS3