NVD

Id
17172  
Name
CVE-2016-0811  
Description
Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:N/A:N)  
Pub Date
2017-01-19  
Published
2016-02-06  
Modified Date
2016-03-14  
Seq
2016-0811  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
95557 17172 CVE-2016-0811 http://source.android.com/security/bulletin/2016-02-01.html  View
95558 17172 CVE-2016-0811 https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
830 JVNDB-2016-001603 Android の libmediaplayerservice の media/libmedia/ICrypto.cpp 関数における整数オーバーフローの脆弱性 Android の libmediaplayerservice の media/libmedia/ICrypto.cpp の BnCrypto::onTransact 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2016-0811 87015 CVE-2016-0811 17172 7.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-001603.html 2016-02-01 2016-03-16 View