Lucene search
HistoryMar 06, 2008 - 12:44 a.m.
CVE-2008-0985
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.094
Percentile
94.7%
Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width.
Affected configurations
Node
googleandroid_sdkMatchm3-rc37a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| android_sdk | m3-rc37a | cpe:2.3:a:google:android_sdk:m3-rc37a:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2008-0985
2008-03-06 00:00:00
cve
cve
CVE-2008-0985
2008-03-06 00:44:00
prion
prion
Heap overflow
2008-03-06 00:44:00
exploitdb
exploitdb
Google Android Web Browser - '.GIF' File Heap Buffer Overflow
2008-03-04 00:00:00
securityvulns
securityvulns
CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK
2008-03-05 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2008.0124
2008-03-04 00:00:00
coresecurity
coresecurity
Multiple Vulnerabilities in Google's Android
2008-03-04 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.094
Percentile
94.7%
Related for NVD:CVE-2008-0985