Published: 06/11/2018 Updated: 18/12/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-77486542.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 8.0
google android 8.1

Kronos crims go retro, Apple builds cop portal, Swiss cheesed over Russian hack bid, etc

The Register • Shaun Nichols in San Francisco • 15 Sep 2018

Plus Grindr stalkers find a few good men illictly

Roundup This was the week of ice cold exploits, re-appearing JavaScript nasties, and of course Patch Tuesday. A few other things happened too… Microsoft and Adobe weren't the only ones to kick out monthly updates recently. Google also issued the September update for Android. This month, fixes included remote code execution flaws in the Android Runtime (CVE-2018-9466), Library (CVE-2018-9472) and Media Framework (CVE-2018-9411, CVE-2018-9427). The update also addresses a number of elevation of ...

CVE-2018-9427

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect