cvelist/2017/0xxx/CVE-2017-0591.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "security@google.com",
      "ID" : "CVE-2017-0591",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Android",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "6.0"
                              },
                              {
                                 "version_value" : "6.0.1"
                              },
                              {
                                 "version_value" : "7.0"
                              },
                              {
                                 "version_value" : "7.1.1"
                              },
                              {
                                 "version_value" : "7.1.2"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Google Inc."
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34097672."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Remote code execution"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d",
            "refsource" : "CONFIRM",
            "url" : "https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d"
         },
         {
            "name" : "https://source.android.com/security/bulletin/2017-05-01",
            "refsource" : "CONFIRM",
            "url" : "https://source.android.com/security/bulletin/2017-05-01"
         },
         {
            "name" : "98124",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/98124"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "security@google.com",`
			`"ID" : "CVE-2017-0591",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"product_name" : "Android",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"version" : {`
			`"version_data" : [`
			`{`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"version_value" : "6.0"`
			`},`
			`{`
			`"version_value" : "6.0.1"`
			`},`
			`{`
			`"version_value" : "7.0"`
			`},`
			`{`
			`"version_value" : "7.1.1"`
			`},`
			`{`
			`"version_value" : "7.1.2"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"vendor_name" : "Google Inc."`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34097672."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"value" : "Remote code execution"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://source.android.com/security/bulletin/2017-05-01",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://source.android.com/security/bulletin/2017-05-01"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "98124",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/98124"`
			`}`
			`]`
			`}`
			`}`