ID CVE-2017-13272
Type cve
Reporter cve@mitre.org
Modified 2018-05-08T16:13:00
Description
In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110137.
{"id": "CVE-2017-13272", "bulletinFamily": "NVD", "title": "CVE-2017-13272", "description": "In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110137.", "published": "2018-04-04T17:29:00", "modified": "2018-05-08T16:13:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13272", "reporter": "cve@mitre.org", "references": ["https://source.android.com/security/bulletin/2018-03-01", "http://www.securityfocus.com/bid/103253"], "cvelist": ["CVE-2017-13272"], "type": "cve", "lastseen": "2019-05-29T18:16:48", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "54609eeac1eb7c17ce6fc83675df9f41"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "b5be9483945b385b92eec75197549f45"}, {"key": "cpe23", "hash": "fb6261bb04e55afc207d65f15101c5da"}, {"key": "cvelist", "hash": "2e51eec709353da7233ea8514a10ef03"}, {"key": "cvss", "hash": "edfca85c4c320ffaa9dcfdcb6a20ce1d"}, {"key": "cvss2", "hash": "729f98bc4a65b3e0e24ddfee3d3c4450"}, {"key": "cvss3", "hash": "48cec8f43ff700f672081508fe3d5099"}, {"key": "cwe", "hash": "6e8bd440f4fb55ae63bba09dfc27a808"}, {"key": "description", "hash": "bd3ce1009c5e0729c2abc994b7276357"}, {"key": "href", "hash": "e5f839704d4589bb9bfa344cc05a5e3e"}, {"key": "modified", "hash": "594cd3176a7b3d4165deb1ec25796521"}, {"key": "published", "hash": "c4ffa28ca6ad4dc75da3a328bcc4d4a6"}, {"key": "references", "hash": "660d4c6a33f36f846d3bcbc82f3b15ec"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "2da1005118875b8cb5bd2b03db4bcab4"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "59c882d60e4bb63e1f31f64d9b741127f855b16ab36b53a78589076d208f9255", "viewCount": 0, "enchantments": {"score": {"value": 6.1, "vector": "NONE", "modified": "2019-05-29T18:16:48"}, "dependencies": {"references": [], "modified": "2019-05-29T18:16:48"}, "vulnersScore": 6.1}, "objectVersion": "1.3", "cpe": ["cpe:/a:google:android:8.1", "cpe:/a:google:android:7.1.1", "cpe:/a:google:android:8.0", "cpe:/o:google:android:8.0", "cpe:/o:google:android:7.0", "cpe:/o:google:android:8.1", "cpe:/o:google:android:7.1.2", "cpe:/a:google:android:7.1.2", "cpe:/a:google:android:7.0", "cpe:/o:google:android:7.1.1"], "affectedSoftware": [{"name": "google android", "operator": "eq", "version": "7.0"}, {"name": "google android", "operator": "eq", "version": "7.1.2"}, {"name": "google android", "operator": "eq", "version": "8.1"}, {"name": "google android", "operator": "eq", "version": "7.1.1"}, {"name": "google android", "operator": "eq", "version": "8.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cpe23": ["cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*"], "cwe": ["CWE-416"]}
{}