Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and previous versions, and m5-rc14, allows remote malicious users to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android sdk m5-rc14 |
||
google android sdk |