← voltar
CVE-2017-0587

CVE-2017-0587

EPSS 1.3%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 mai 2017Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35219737.
Produtos afetados
Google Inc. · Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7https://source.android.com/security/bulletin/2017-05-01http://www.securityfocus.com/bid/98119