Vulnerability Data

by Reconmap

CVE-2017-0393

A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808.

Published at
2017-01-12T20:59Z
2665 days ago
Modified
2019-10-03T00:03Z
1672 days ago
NVD-CWE-noinfo
Problem type

Impact

CVSS v3 vector string
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References


URLType
source.android.com
https://source.android.com/security/bulletin/2017-01-01.html		CONFIRM
android.googlesource.com
https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc		CONFIRM
95230
http://www.securityfocus.com/bid/95230		BID

GET https://vulnerabilitydata.com/api/details/CVE-2017-0393

{
	"id": "CVE-2017-0393",
	"published_date": "2017-01-12T20:59Z",
	"last_modified_date": "2019-10-03T00:03Z",
	"assigner": "security@android.com",
	"description": "A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808.",
	"references": [
		{
			"url": "https://source.android.com/security/bulletin/2017-01-01.html",
			"name": "https://source.android.com/security/bulletin/2017-01-01.html",
			"refsource": "CONFIRM",
			"tags": [
				"Vendor Advisory"
			]
		},
		{
			"url": "https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc",
			"name": "https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc",
			"refsource": "CONFIRM",
			"tags": [
				"Issue Tracking",
				"Patch"
			]
		},
		{
			"url": "http://www.securityfocus.com/bid/95230",
			"name": "95230",
			"refsource": "BID",
			"tags": [
				"Third Party Advisory",
				"VDB Entry"
			]
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.0",
				"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
				"attackVector": "LOCAL",
				"attackComplexity": "LOW",
				"privilegesRequired": "NONE",
				"userInteraction": "REQUIRED",
				"scope": "UNCHANGED",
				"confidentialityImpact": "NONE",
				"integrityImpact": "NONE",
				"availabilityImpact": "HIGH",
				"baseScore": 5.5,
				"baseSeverity": "MEDIUM"
			},
			"exploitabilityScore": 1.8,
			"impactScore": 3.6
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
				"accessVector": "NETWORK",
				"accessComplexity": "MEDIUM",
				"authentication": "NONE",
				"confidentialityImpact": "NONE",
				"integrityImpact": "NONE",
				"availabilityImpact": "COMPLETE",
				"baseScore": 7.1
			},
			"severity": "HIGH",
			"exploitabilityScore": 8.6,
			"impactScore": 6.9,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": true
		}
	},
	"problem_type": "NVD-CWE-noinfo"
}