CVE-2016-6768
Last modified
CVE-2016-6768 is a vulnerability of currently unknown severity. A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. EPSS estimates a 0.81% chance of exploitation in the next 30 days.
Description
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31631842.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Android | 5.0 | |
| Android | 5.0.1 | |
| Android | 5.0.2 | |
| Android | 5.1 | |
| Android | 5.1.0 | |
| Android | 5.1.1 | |
| Android | 6.0 | |
| Android | 6.0.1 | |
| Android | 7.0 |
References
- http://www.securityfocus.com/bid/94704Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2016-12-01.htmlVendor Advisory
- http://www.securityfocus.com/bid/94704Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2016-12-01.htmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-6768?
How severe is CVE-2016-6768?
How do I fix CVE-2016-6768?
Are you affected by CVE-2016-6768?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST