CVE-2016-10476 in Androidinformazioni

Riassunto

di MITRE

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, missing array index checks on app index in function qcril_uim_clear_encrypted_pin results in accessing addresses outside the bounds of the buffer when app index is too large.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

16/08/2017

Divulgazione

18/04/2018

Moderazione

accettato

Voce

VDB-116532

CPE

pronto

CWE

CWE-119 (confermato)

CVSS

9.8 (NVD)

EPSS

0.01269

KEV

Attività

molto basso

Settore

Police, Lawfirm, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10476
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10476
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10476/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!