We found results for “”
CVE-2020-0408
Good to know:
Date: October 14, 2020
In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-156999009
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Integer Overflow or Wraparound
CWE-190Top Fix
Upgrade Version
Upgrade to version android-8.0.0_r51,android-8.1.0_r81,android-9.0.0_r60,android-10.0.0_r46, android-11.0.0_r4
CVSS v3
Base Score: |
|
---|---|
Attack Vector (AV): | |
Attack Complexity (AC): | |
Privileges Required (PR): | |
User Interaction (UI): | |
Scope (S): | |
Confidentiality (C): | COMPLETE |
Integrity (I): | COMPLETE |
Availability (A): | COMPLETE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | |
Access Complexity (AC): | |
Authentication (AU): | |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |
Additional information: |