7.8

CVE-2016-0810

media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version4.0
GoogleAndroid Version4.0.1
GoogleAndroid Version4.0.2
GoogleAndroid Version4.0.3
GoogleAndroid Version4.0.4
GoogleAndroid Version4.1
GoogleAndroid Version4.1.2
GoogleAndroid Version4.2
GoogleAndroid Version4.2.1
GoogleAndroid Version4.2.2
GoogleAndroid Version4.3
GoogleAndroid Version4.3.1
GoogleAndroid Version4.4
GoogleAndroid Version4.4.1
GoogleAndroid Version4.4.2
GoogleAndroid Version4.4.3
GoogleAndroid Version5.0
GoogleAndroid Version5.0.1
GoogleAndroid Version5.0.2
GoogleAndroid Version5.1
GoogleAndroid Version5.1.0
GoogleAndroid Version5.1.1
GoogleAndroid Version6.0
GoogleAndroid Version6.0.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.017
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C