CVE-2018-9341
CVE-2018-9341
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
19 Nov 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Google · Android