CVE-2019-2186

In GetMBheader of combined_decode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-136175447

Published : 2019-10-11 19:15 Updated : 2019-10-16 16:57

9.3
CVSS Score More info
Score 9.3 / 10
9.3
Vendor Product Version URI
Google Android 7.1.1 cpe:/o:google:android:7.1.1
Google Android 7.1.2 cpe:/o:google:android:7.1.2
Google Android 8.0 cpe:/o:google:android:8.0
Google Android 8.1 cpe:/o:google:android:8.1
Google Android 9.0 cpe:/o:google:android:9.0
Google Android 10.0 cpe:/o:google:android:10.0
  1. Google (1) Search CVE
    1. Android (6) Search CVE
      1. 7.1.1
      2. 7.1.2
      3. 8.0
      4. 8.1
      5. 9.0
      6. 10.0

CWE

ID Name Description Links
CWE-787 Out-of-bounds Write The software writes data past the end, or before the beginning, of the intended buffer. CVE

History of changes

Date Event
2019-10-16 16:57
2019-10-11 19:29

New CVE