Published: 12/01/2018 Updated: 03/10/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 6.0.1
google android 7.0
google android 7.1.1
google android 7.1.2
google android 6.0
google android 8.0
google android 5.1.1
google android 8.1

CVE-2017-13208-Scanner nvdnistgov/vuln/detail/CVE-2017-13208 Introduction This is a simple script capable of detecting the CVE-2017-13208 vulnerability in Android libnetutilsso files How it works Using r2pipe, the script checks whether dhcp_size's value is checked, if it isn't - the file is vulnerable All of the different libnetutilsso files that were re

CWE-119 https://source.android.com/security/bulletin/2018-01-01 http://www.securitytracker.com/id/1040106 http://www.securityfocus.com/bid/102415 https://nvd.nist.gov https://github.com/idanshechter/CVE-2017-13208-Scanner

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-13208

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect