2 matches found
CVE-2018-9549
In lppTransposer of lpptran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2018-9549
CVE-2018-9549 is a concrete Android vulnerability in the Media Framework (lppTransposer function in lpp_tran.cpp) caused by a missing bounds check that enables a remote code execution via a crafted file. It affects Android versions 7.0 (Nougat) through 9 (Pie). The Android bulletin identifies it ...