Published: 07/06/2019 Updated: 11/06/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

In huff_dec_1D of nlc_dec.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119292397.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 9.0

It's that time again: Android kicks off June's patch parade with fixes for five hijack holes

The Register • Shaun Nichols in San Francisco • 05 Jun 2019

Updates are on the way… if you have a Google device, at least Titan-ic disaster: Bluetooth blunder sinks Google's 2FA keys, free replacements offered

Google has released its June bundle of security vulnerability patches for Android, with fixes for 22 CVE-listed flaws included. This month's update, including eight critical fixes, includes patches to close up four confirmed remote code execution vulnerabilities. Google says none of the bugs have been targeted in the wild, yet. Those with Google-branded devices like the Pixel phone line will get the update directly from the Chocolate Factory, while others will need to rely on their vendor or car...

CVE-2019-2093

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect