Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistOPPOCVELIST:CVE-2020-11828
HistoryApr 21, 2020 - 1:42 p.m.

CVE-2020-11828

2020-04-2113:42:04
OPPO
www.cve.org

0.002 Low

EPSS

Percentile

53.4%

JSON

In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.

CNA Affected

[
  {
    "product": "Color OS",
    "vendor": "Oppo",
    "versions": [
      {
        "status": "affected",
        "version": "6"
      },
      {
        "status": "affected",
        "version": "7"
      }
    ]
  }
]

Related

prion 1
cve 1
nvd 1
prion
prion
Design/Logic Flaw
2020-04-21 14:15:00
cve
cve
CVE-2020-11828
2020-04-21 14:15:11
nvd
nvd
CVE-2020-11828
2020-04-21 14:15:11

0.002 Low

EPSS

Percentile

53.4%

JSON
Related for CVELIST:CVE-2020-11828
prion1cve1nvd1