Published: 06/11/2018 Updated: 13/12/2018

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74202041.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 8.0
google android 8.1
google android 6.0
google android 7.0
google android 7.1.2
google android 6.0.1
google android 7.1.1

Vulnerability PoCs of Android Bluetoodh avrcp_CVE-2017-13281c is the CVE-2017-13281 poc code $ mv avrcp_CVE-2017-13281c blue-537/profiles/audio/avrcpc just replace blue-537/profiles/audio/avrcpc with poc, and compile the source code on ubuntu 1604， run bluetoothd manually, and paired my pixel xl with my laptop Once paired, the attack payload will be sent automatical

CWE-125 https://source.android.com/security/bulletin/2018-06-01 http://www.securityfocus.com/bid/104461 https://nvd.nist.gov https://github.com/denmilu/Bluedroid

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-9361

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect