← voltar
CVE-2017-0539

CVE-2017-0539

EPSS 1.6%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
07 abr 2017Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33864300.
Produtos afetados
Google Inc. · Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://android.googlesource.com/platform/external/libhevc/+/1ab5ce7e42feccd49e49752e6f58f9097ac5d254https://source.android.com/security/bulletin/2017-04-01http://www.securityfocus.com/bid/97330http://www.securitytracker.com/id/1038201