CVE-2017-13178

🗓️ 12 Jan 2018 23:00:00Reported by google_androidType

Out-of-bounds write in SoftAVCDec initDecoder function can lead to remote code execution on Android

Reporter	Title	Published	Views	Family All 8
Android Security Bulletins	Android Security Bulletin—January 2018Stay organized with collectionsSave and categorize content based on your preferences.	2 Jan 201800:00	–	androidsecurity
android	CVE-2017-13178	1 Jan 201800:00	–	android
CNVD	Google Android Media Framework Remote Code Execution Vulnerability (CNVD-2018-00633)	8 Jan 201800:00	–	cnvd
Cvelist	CVE-2017-13178	12 Jan 201823:00	–	cvelist
EUVD	EUVD-2017-4695	7 Oct 202500:30	–	euvd
NVD	CVE-2017-13178	12 Jan 201823:29	–	nvd
OSV	CVE-2017-13178	12 Jan 201823:29	–	osv
Prion	Design/Logic Flaw	12 Jan 201823:29	–	prion

NVD

Vulners

Node

google androidMatch6.0

google androidMatch6.0.1

google androidMatch7.0

google androidMatch7.1.1

google androidMatch7.1.2

google androidMatch8.0

google androidMatch8.1

[
  {
    "product": "Android",
    "vendor": "Google Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.1"
      },
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.1.1"
      },
      {
        "status": "affected",
        "version": "7.1.2"
      },
      {
        "status": "affected",
        "version": "8.0"
      },
      {
        "status": "affected",
        "version": "8.1"
      }
    ]
  }
]

Source	Link
source	www.source.android.com/security/bulletin/2018-01-01
securityfocus	www.securityfocus.com/bid/102414
securitytracker	www.securitytracker.com/id/1040106

21 Nov 2024 03:11Current

9.3High risk

Vulners AI Score9.3

CVSS 39.8

CVSS 210

EPSS0.03421