Vulnerability CVE-2008-0986


Published: 2008-03-05   Modified: 2017-08-07

Description:
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.

See advisories in our WLB2 database:
Topic: Multiple vulnerabilities in Google's Android SDK (High)
Author: Alfredo Ortega
Date: 12.03.2008

Vendor: Google
Product: Android sdk 
Version: m5-rc14; m3-rc37a;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

 References:
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
http://securityreason.com/securityalert/3727
http://www.coresecurity.com/?action=item&id=2148
http://www.securityfocus.com/archive/1/archive/1/489135/100/0/threaded
http://www.securityfocus.com/bid/28006
https://exchange.xforce.ibmcloud.com/vulnerabilities/40999

Related CVE
CVE-2017-9690
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow vulnerability potentially leading to a buffer overflow.
CVE-2017-9721
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image.
CVE-2017-9696
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer over-read is possible in camera driver function msm_isp_stop_stats_stream. Variable stream_cfg_cmd->num_streams is from userspace, ...
CVE-2017-9701
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-v...
CVE-2017-9702
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is directly accessed in a camera driver.
CVE-2017-9719
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame size is out of range.
CVE-2017-8279
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while...
CVE-2017-11093
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID)...

Copyright 2017, cxsecurity.com

 
