2 matches found
CVE-2017-13287
In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. This could lead to local escalation of privilege if mPayload in writeToParcel were null, with no additional execution privileges needed. User interaction is not needed f...
CVE-2017-13287
CVE-2017-13287 is an Elevation of Privilege vulnerability in Android’s VerifyCredentialResponse.java. In createFromParcel, there is a possible invalid parcel read caused by insufficient input validation. If mPayload in writeToParcel is null, this could allow a local attacker to escalate privilege...