admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2019/CVE-2019-2107.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

56 lines
2.7 KiB
Markdown
Raw Blame History

### [CVE-2019-2107](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2107)
![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Android-7.0%20Android-7.1.1%20Android-7.1.2%20Android-8.0%20Android-8.1%20Android-9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20code%20execution&color=brightgreen)
### Description
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.
### POC
#### Reference
- http://packetstormsecurity.com/files/153628/Android-VideoPlayer-ihevcd_parse_pps-Out-Of-Bounds-Write.html
- http://seclists.org/fulldisclosure/2019/Jul/18
#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CnHack3r/Penetration_PoC
- https://github.com/CrackerCat/CVE-2019-2107
- https://github.com/EchoGin404/-
- https://github.com/EchoGin404/gongkaishouji
- https://github.com/GhostTroops/TOP
- https://github.com/JERRY123S/all-poc
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/Tyro-Shan/gongkaishouji
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
- https://github.com/ZTK-009/Penetration_PoC
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/eugenekolo/github-scripts
- https://github.com/hasee2018/Penetration_Testing_POC
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/huike007/penetration_poc
- https://github.com/huike007/poc
- https://github.com/huisetiankong478/penetration_poc
- https://github.com/huisetiankong478/poc
- https://github.com/infiniteLoopers/CVE-2019-2107
- https://github.com/jbmihoub/all-poc
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/marcinguy/CVE-2019-2107
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/password520/Penetration_PoC
- https://github.com/pentration/gongkaishouji
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yedada-wei/-
- https://github.com/yedada-wei/gongkaishouji
Reference in New Issue View Git Blame Copy Permalink