7 matches found
ASB-A-168802990
In avrcparsvendorcmd of avrcparstg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2020-27021
CVE-2020-27021 is an Android 11 vulnerability documented in the Pixel security bulletin under the System component with type “ID” (Information disclosure) and moderate severity. The issue is described elsewhere as an out-of-bounds read in avrc_ctrl_pars_vendor_cmd of avrc_pars_tg.cc, enabling loc...
CVE-2017-13267
In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0...
CVE-2017-13281
In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...
CVE-2017-13267
CVE-2017-13267 affects Android's avrc_pars_vendor_cmd in avrc_pars_tg.cc, with a stack corruption risk due to a missing bounds check. The vulnerability enables remote escalation of privilege with no user interaction, as described in the NVD entry (CVE-2017-13267) and reflected in the Android Secu...
CVE-2017-13267
In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0...
CVE-2017-13281
CVE-2017-13281 affects Android 8.0–8.1, where avrc_pars_browsing_cmd in avrc_pars_tg.cc can overflow a stack buffer due to an improper bounds check, enabling remote code execution without user interaction. Affected product: Android OS; vulnerable component: avrc_pars_browsing_cmd (in avrc_pars_tg...