CVE-2017-13290

MEDIUM Year: 2017
CVSS v3 Score
6.2
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-125
View all →

Vulnerability Description

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69384124.

Related Vulnerabilities

CVE-2014-8716

MEDIUM
CVSS:6.2(Medium)

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).

CWE-1252014

CVE-2017-13321

MEDIUM
CVSS:6.2(Medium)

In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local i...

CWE-1252017

CVE-2018-9435

MEDIUM
CVSS:6.2(Medium)

In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges ne...

CWE-1252018

CVE-2021-47244

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp (mptcp_get_options) could read one byte out of boun...

CWE-1252021

CVE-2023-21118

MEDIUM
CVSS:6.2(Medium)

In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed....

CWE-1252023

CVE-2024-20107

MEDIUM
CVSS:6.2(Medium)

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee...

CWE-1252024