← Volver a CVEs

CVE-2017-0594

N/A

Descripcion

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado5/12/2017

Ultima modificacion4/20/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

google:android

Debilidades (CWE)

CWE-120

Referencias

http://www.securityfocus.com/bid/98128(security@android.com)

https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb(security@android.com)

https://source.android.com/security/bulletin/2017-05-01(security@android.com)

http://www.securityfocus.com/bid/98128(af854a3a-2127-422b-91ae-364da2661108)

https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb(af854a3a-2127-422b-91ae-364da2661108)

https://source.android.com/security/bulletin/2017-05-01(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.