mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
93 lines
3.4 KiB
JSON
93 lines
3.4 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2017-13310",
|
|
"ASSIGNER": "security@android.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Google",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Android",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.0."
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "6.0.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "7"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "8"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "8.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "nyc-mr1-dev"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "nyc-mr2-dev"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://source.android.com/security/bulletin/2018-05-01",
|
|
"refsource": "MISC",
|
|
"name": "https://source.android.com/security/bulletin/2018-05-01"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.2.0"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
}
|
|
} |