CVE-2017-2726

HIGH Year: 2017
CVSS v3 Score
8.4
High
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-119
View all →

Vulnerability Description

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution.

Related Vulnerabilities

CVE-2011-1282

HIGH
CVSS:8.4(High)

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and ...

CWE-1192011

CVE-2013-2597

HIGH
CVSS:8.4(High)

Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions f...

CWE-1192013

CVE-2016-0135

HIGH
CVSS:8.4(High)

The Secondary Logon Service in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability."

CWE-1192016

CVE-2016-0840

HIGH
CVSS:8.4(High)

Multiple stack-based buffer underflows in decoder/ih264d_parse_cavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service (me...

CWE-1192016

CVE-2016-0842

HIGH
CVSS:8.4(High)

The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation (MMCO) data, which allows remote attackers to execute arbitrary code or cause a deni...

CWE-1192016