Lucene search

[email protected]NVD:CVE-2014-7920

HistoryApr 13, 2017 - 4:59 p.m.

CVE-2014-7920

2017-04-1316:59:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

44.0%

JSON

mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.

Affected configurations

Nvd

Node

googleandroidMatch2.2

googleandroidMatch2.2rev1

googleandroidMatch2.2.1

googleandroidMatch2.2.2

googleandroidMatch2.2.3

googleandroidMatch2.3

googleandroidMatch2.3rev1

googleandroidMatch2.3.1

googleandroidMatch2.3.2

googleandroidMatch2.3.3

googleandroidMatch2.3.4

googleandroidMatch2.3.5

googleandroidMatch2.3.6

googleandroidMatch2.3.7

googleandroidMatch3.0

googleandroidMatch3.1

googleandroidMatch3.2

googleandroidMatch3.2.1

googleandroidMatch3.2.2

googleandroidMatch3.2.4

googleandroidMatch3.2.6

googleandroidMatch4.0

googleandroidMatch4.0.1

googleandroidMatch4.0.2

googleandroidMatch4.0.3

googleandroidMatch4.0.4

googleandroidMatch4.1

googleandroidMatch4.1.2

googleandroidMatch4.2

googleandroidMatch4.2.1

googleandroidMatch4.2.2

googleandroidMatch4.3

googleandroidMatch4.3.1

googleandroidMatch4.4

googleandroidMatch4.4.1

googleandroidMatch4.4.2

googleandroidMatch4.4.3

googleandroidMatch4.4.4

googleandroidMatch5.0

googleandroidMatch5.0.1

googleandroidMatch5.0.2

VendorProductVersionCPE
googleandroid2.2cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*
googleandroid2.2cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*
googleandroid2.2.1cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*
googleandroid2.2.2cpe:2.3:o:google:android:2.2.2:*:*:*:*:*:*:*
googleandroid2.2.3cpe:2.3:o:google:android:2.2.3:*:*:*:*:*:*:*
googleandroid2.3cpe:2.3:o:google:android:2.3:*:*:*:*:*:*:*
googleandroid2.3cpe:2.3:o:google:android:2.3:rev1:*:*:*:*:*:*
googleandroid2.3.1cpe:2.3:o:google:android:2.3.1:*:*:*:*:*:*:*
googleandroid2.3.2cpe:2.3:o:google:android:2.3.2:*:*:*:*:*:*:*
googleandroid2.3.3cpe:2.3:o:google:android:2.3.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	2.2	cpe:2.3:o:google:android:2.2:::::::*
google	android	2.2	cpe:2.3:o:google:android:2.2:rev1::::::
google	android	2.2.1	cpe:2.3:o:google:android:2.2.1:::::::*
google	android	2.2.2	cpe:2.3:o:google:android:2.2.2:::::::*
google	android	2.2.3	cpe:2.3:o:google:android:2.2.3:::::::*
google	android	2.3	cpe:2.3:o:google:android:2.3:::::::*
google	android	2.3	cpe:2.3:o:google:android:2.3:rev1::::::
google	android	2.3.1	cpe:2.3:o:google:android:2.3.1:::::::*
google	android	2.3.2	cpe:2.3:o:google:android:2.3.2:::::::*
google	android	2.3.3	cpe:2.3:o:google:android:2.3.3:::::::*

Rows per page:

1-10 of 411

References

android.googlesource.com/platform/frameworks/av/+/36d1577%5E%21/

bits-please.blogspot.com/2016/01/android-privilege-escalation-to.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

44.0%

JSON

Related for NVD:CVE-2014-7920

prion2 nvd1 cvelist2 cve2 android1