CVE-2017-0415 | Vulnerability Database | Aqua Security

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32706020.

Affected Software

Name	Vendor	Start Version	End Version
Android	Google	6.0 (including)	6.0 (including)
Android	Google	6.0.1 (including)	6.0.1 (including)
Android	Google	7.0 (including)	7.0 (including)
Android	Google	7.1.0 (including)	7.1.0 (including)
Android	Google	7.1.1 (including)	7.1.1 (including)
Android	Ubuntu	esm-apps/xenial	*
Android	Ubuntu	trusty	*
Android	Ubuntu	vivid/stable-phone-overlay	*
Android	Ubuntu	xenial	*
Android	Ubuntu	yakkety	*
Android	Ubuntu	zesty	*

References

http://www.securityfocus.com/bid/96089
http://www.securitytracker.com/id/1037798
https://source.android.com/security/bulletin/2017-02-01.html
http://www.securityfocus.com/bid/96089
http://www.securitytracker.com/id/1037798
https://source.android.com/security/bulletin/2017-02-01.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-0415
CWE	https://cwe.mitre.org/data/definitions/.html