cvelist/2018/9xxx/CVE-2018-9521.json

{
    "CVE_data_meta": {
        "ASSIGNER": "security@android.com",
        "ID": "CVE-2018-9521",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Android",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "Android-9"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Google Inc."
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111874331"
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Remote code execution"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "105865",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/105865"
            },
            {
                "name": "https://source.android.com/security/bulletin/2018-11-01",
                "refsource": "CONFIRM",
                "url": "https://source.android.com/security/bulletin/2018-11-01"
            }
        ]
    }
}
- Synchronized data. 2018-04-05 22:03:54 -04:00			`{`
"-Synchronized-Data." 2019-03-18 00:31:49 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "security@android.com",`
			`"ID": "CVE-2018-9521",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Android",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "Android-9"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Google Inc."`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Added submission from Google Android for November 2018 Android Security Bulletin from 2018-11-05. 2018-11-14 12:09:43 -05:00			`{`
"-Synchronized-Data." 2019-03-18 00:31:49 +00:00			`"lang": "eng",`
			`"value": "In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111874331"`
- Added submission from Google Android for November 2018 Android Security Bulletin from 2018-11-05. 2018-11-14 12:09:43 -05:00			`}`
"-Synchronized-Data." 2019-03-18 00:31:49 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Remote code execution"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "105865",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/105865"`
			`},`
			`{`
			`"name": "https://source.android.com/security/bulletin/2018-11-01",`
			`"refsource": "CONFIRM",`
			`"url": "https://source.android.com/security/bulletin/2018-11-01"`
			`}`
			`]`
			`}`
			`}`