CVE-2008-0986
CVE-2008-0986 describes an integer overflow in the Android libsgl.so BMP reader (BMP::readFromStream) used in Google Android SDK m3-rc37a and earlier, and m5-rc14. When the BMP header’s offset field is negative and the DIB header specifies 8 bpp, the parser allocates a palette using the negative ...