9.3
CVSSv2

CVE-2017-0594

Published: 12/05/2017 Updated: 03/10/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

google android 4.0.1

google android 4.0.2

google android 4.0.3

google android 4.0.4

google android 6.0

google android 6.0.1

google android 5.0

google android 5.0.1

google android 5.0.2

google android 4.2.2

google android 4.3

google android 4.3.1

google android 4.4

google android 7.1.2

google android 7.1.0

google android 5.1

google android 5.1.1

google android 4.1.2

google android 4.2.1

google android 4.4.1

google android 4.4.3

google android 7.0

google android 7.1.1

google android 5.1.0

google android 4.0

google android 4.1

google android 4.2

google android 4.4.2

google android 4.4.4

Vendor Advisories

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update The Google device firmware images have also been released to the Google Developer site Security patch levels of May 05, 2017 or later ...