CVE-2018-9521

State: PUBLISHED · Published: 2018-11-14 · Updated: 2024-08-05 · Assigner: google_android

Description

In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111874331

CWE

(none)

Affected

Google Inc. / Android — v=Android-9 [affected]

CVSS

(none)

References

http://www.securityfocus.com/bid/105865 vdb-entry, x_refsource_BID
https://source.android.com/security/bulletin/2018-11-01 x_refsource_CONFIRM

Source

cvelistV5-main/cves/2018/9xxx/CVE-2018-9521.json