7.5

CVE-2017-0813

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version7.0
GoogleAndroid Version7.1.0
GoogleAndroid Version7.1.1
GoogleAndroid Version7.1.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.93% 0.56
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-772 Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

https://source.android.com/security/bulletin/pixel/2017-10-01
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101151
Third Party Advisory
VDB Entry
https://android.googlesource.com/platform/frameworks/av/+/7fa3f552a6f34ed05c15e64ea30b8eed53f77a41
Patch
Vendor Advisory
Issue Tracking