ID CVE-2017-13272 Type cve Reporter NVD Modified 2018-05-08T12:13:16
Description
In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110137.
{"id": "CVE-2017-13272", "bulletinFamily": "NVD", "title": "CVE-2017-13272", "description": "In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110137.", "published": "2018-04-04T13:29:01", "modified": "2018-05-08T12:13:16", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13272", "reporter": "NVD", "references": ["https://source.android.com/security/bulletin/2018-03-01", "http://www.securityfocus.com/bid/103253"], "cvelist": ["CVE-2017-13272"], "type": "cve", "lastseen": "2018-05-09T10:35:15", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": [], "cvelist": ["CVE-2017-13272"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110137.", "edition": 1, "enchantments": {"score": {"modified": "2018-04-05T10:41:07", "value": 7.9, "vector": "AV:N/AC:M/Au:S/C:N/I:C/A:C/"}}, "hash": "1ef248be8d02e2addec4b999ffd2553888f1b29ef0c055464d9176b9d098ad01", "hashmap": [{"hash": "e5f839704d4589bb9bfa344cc05a5e3e", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "2da1005118875b8cb5bd2b03db4bcab4", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "adc78c7107aa3c2ee2fdd715579ca915", "key": "modified"}, {"hash": "bd3ce1009c5e0729c2abc994b7276357", "key": "description"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "2e51eec709353da7233ea8514a10ef03", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "254bd0523390a1f6c01797aacae17e49", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "adc78c7107aa3c2ee2fdd715579ca915", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13272", "id": "CVE-2017-13272", "lastseen": "2018-04-05T10:41:07", "modified": "2018-04-04T13:29:01", "objectVersion": "1.3", "published": "2018-04-04T13:29:01", "references": ["https://source.android.com/security/bulletin/2018-03-01"], "reporter": "NVD", "scanner": [], "title": "CVE-2017-13272", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2018-04-05T10:41:07"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": [], "cvelist": ["CVE-2017-13272"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110137.", "edition": 2, "enchantments": {"score": {"value": 10.0, "vector": "NONE"}}, "hash": "2b6f83083ece07284548377a10b0c7a174c1ff6844285a5eef25f4d4f8b05545", "hashmap": [{"hash": "e5f839704d4589bb9bfa344cc05a5e3e", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "2da1005118875b8cb5bd2b03db4bcab4", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "bd3ce1009c5e0729c2abc994b7276357", "key": "description"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "2e51eec709353da7233ea8514a10ef03", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "660d4c6a33f36f846d3bcbc82f3b15ec", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "adc78c7107aa3c2ee2fdd715579ca915", "key": "published"}, {"hash": "fac7b84a9f684f3a542156265cfaaf6f", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13272", "id": "CVE-2017-13272", "lastseen": "2018-04-06T10:51:46", "modified": "2018-04-05T21:29:05", "objectVersion": "1.3", "published": "2018-04-04T13:29:01", "references": ["https://source.android.com/security/bulletin/2018-03-01", "http://www.securityfocus.com/bid/103253"], "reporter": "NVD", "scanner": [], "title": "CVE-2017-13272", "type": "cve", "viewCount": 0}, "differentElements": ["cvss", "modified", "cpe"], "edition": 2, "lastseen": "2018-04-06T10:51:46"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "1a9098a12b8aa1b07c50d3cae3721004"}, {"key": "cvelist", "hash": "2e51eec709353da7233ea8514a10ef03"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "bd3ce1009c5e0729c2abc994b7276357"}, {"key": "href", "hash": "e5f839704d4589bb9bfa344cc05a5e3e"}, {"key": "modified", "hash": "08c4d2efb2cdfa5211c6d9d7ea3a4fb3"}, {"key": "published", "hash": "adc78c7107aa3c2ee2fdd715579ca915"}, {"key": "references", "hash": "660d4c6a33f36f846d3bcbc82f3b15ec"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "2da1005118875b8cb5bd2b03db4bcab4"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "8ca1d4f42368db9e7422ea9249613830f5c21d8529a8037d4e70eca0f0ffdd41", "viewCount": 0, "enchantments": {"score": {"value": 10.0, "vector": "NONE"}, "vulnersScore": 10.0}, "objectVersion": "1.3", "cpe": ["cpe:/o:google:android:8.0", "cpe:/o:google:android:7.0", "cpe:/o:google:android:8.1", "cpe:/o:google:android:7.1.2", "cpe:/o:google:android:7.1.1"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
