Lucene search
HistoryMar 06, 2008 - 12:44 a.m.
CVE-2008-0986
cve-2008-0986
integer overflow
bmp
libsgl.so
google android sdk
remote code execution
nvd
7.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.091 Low
EPSS
Percentile
94.6%
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.
| CPE | Name | Operator | Version |
|---|---|---|---|
| google:android_sdk | google android sdk | le | m3-rc37a |
| google:android_sdk | google android sdk | eq | m5-rc14 |
References
Related
prion
prion
Integer overflow
2008-03-06 00:44:00
seebug
seebug
Androidθ½―δ»ΆεΌεε·₯ε
·ε
BMPζδ»Άε€ηζ΄ζ°ζΊ’εΊζΌζ΄
2008-03-06 00:00:00
securityvulns
securityvulns
Google Android SDK multiple security vulnerabilities
2008-03-05 00:00:00
CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK
2008-03-05 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2008.0124
2008-03-04 00:00:00
coresecurity
coresecurity
Multiple Vulnerabilities in Google's Android
2008-03-04 00:00:00
7.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.091 Low
EPSS
Percentile
94.6%
Related for CVE-2008-0986