CVE Vulnerabilities

CVE-2017-0595

Published: May 12, 2017 | Modified: Oct 03, 2019
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34705519.

Affected Software

Name Vendor Start Version End Version
Android Google 4.0 (including) 4.0 (including)
Android Google 4.0.1 (including) 4.0.1 (including)
Android Google 4.0.2 (including) 4.0.2 (including)
Android Google 4.0.3 (including) 4.0.3 (including)
Android Google 4.0.4 (including) 4.0.4 (including)
Android Google 4.1 (including) 4.1 (including)
Android Google 4.1.2 (including) 4.1.2 (including)
Android Google 4.2 (including) 4.2 (including)
Android Google 4.2.1 (including) 4.2.1 (including)
Android Google 4.2.2 (including) 4.2.2 (including)
Android Google 4.3 (including) 4.3 (including)
Android Google 4.3.1 (including) 4.3.1 (including)
Android Google 4.4 (including) 4.4 (including)
Android Google 4.4.1 (including) 4.4.1 (including)
Android Google 4.4.2 (including) 4.4.2 (including)
Android Google 4.4.3 (including) 4.4.3 (including)
Android Google 4.4.4 (including) 4.4.4 (including)
Android Google 5.0 (including) 5.0 (including)
Android Google 5.0.1 (including) 5.0.1 (including)
Android Google 5.0.2 (including) 5.0.2 (including)
Android Google 5.1 (including) 5.1 (including)
Android Google 5.1.0 (including) 5.1.0 (including)
Android Google 5.1.1 (including) 5.1.1 (including)
Android Google 6.0 (including) 6.0 (including)
Android Google 6.0.1 (including) 6.0.1 (including)
Android Google 7.0 (including) 7.0 (including)
Android Google 7.1.0 (including) 7.1.0 (including)
Android Google 7.1.1 (including) 7.1.1 (including)
Android Ubuntu esm-apps/xenial *
Android Ubuntu trusty *
Android Ubuntu vivid/stable-phone-overlay *
Android Ubuntu xenial *
Android Ubuntu yakkety *
Android Ubuntu zesty *

References