14 matches found
Integer overflow
In several functions that parse avrc response in avrcparsct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20483
In several functions that parse avrc response in avrcparsct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20410
In avrcctrlparsvendorrsp of avrcparsct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
CVE-2022-20221
In avrcctrlparsvendorcmd of avrcparsct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20221
CVE-2022-20221 affects Android devices with a vulnerability in avrc_ctrl_pars_vendor_cmd (avrc_pars_ct.cc) where improper input validation can cause an out-of-bounds read, enabling remote information disclosure over Bluetooth without extra privileges. The issue resides in the Bluetooth AVRCP pars...
Google Android Information Disclosure Vulnerability (CNVD-2022-61750)
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by incorrect input validation in avrc ctrlPARvendorcmd of avrcparsct.cc. An attacker could use this vulnerability to obtain sensitive...
Google Android Buffer Overflow Vulnerability (CNVD-2022-44549)
Google Android is a Linux-based open source operating system from Google, Inc. A buffer overflow vulnerability exists in avrcparsct.cc in avrcctrlparsvendorrsp, due to a lack of boundary checking. an out-of-bounds read may occur. An attacker could exploit this vulnerability to cause a remote...
CVE-2021-0504
In avrcparsbrowsersp of avrcparsct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-0504
CVE-2021-0504 describes an out-of-bounds read in the Bluetooth AVRCP parser (avrc_pars_browse_rsp in avrc_pars_ct.cc) due to a missing bounds check. This could enable remote information disclosure on Android 11 devices without additional execution privileges and with no user interaction (attack v...
CVE-2018-9542
In avrcparsvendorrsp of avrcparsct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0...
Out-of-bounds
In avrcparsvendorrsp of avrcparsct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2017-13291
CVE-2017-13291 affects Android devices with vulnerable avrc_ctrl_pars_vendor_rsp in avrc_pars_ct.cc, caused by missing bounds checks that can trigger a NULL pointer dereference. This leads to remote denial of service without user interaction on Android versions 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. Th...
CVE-2017-13282
In avrcctrlparsvendorrsp of avrcparsct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1,...
Google Android Buffer Overflow Vulnerability (CNVD-2018-07849)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A stack overflow vulnerability exists in the avrcctrlparsvendorrsp in the avrcparsct.cc file in Android, which stems from a lack of boundary detection in the program. A remote...