CVE-2017-0382
Last modified
CVE-2017-0382 is a vulnerability of currently unknown severity. A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. EPSS estimates a 0.94% chance of exploitation in the next 30 days.
Description
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32338390.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Android | 5.0 | |
| Android | 5.0.1 | |
| Android | 5.0.2 | |
| Android | 5.1 | |
| Android | 5.1.0 | |
| Android | 5.1.1 | |
| Android | 6.0 | |
| Android | 6.0.1 | |
| Android | 7.0 | |
| Android | 7.1.0 |
References
- http://www.securityfocus.com/bid/95247Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2017-01-01.htmlVendor Advisory
- http://www.securityfocus.com/bid/95247Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2017-01-01.htmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-0382?
How severe is CVE-2017-0382?
How do I fix CVE-2017-0382?
Are you affected by CVE-2017-0382?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST