CVE-2016-0808

Sažetak

Integer overflow in the getCoverageFormat12 function in CmapCoverage.cpp in the Minikin library in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 allows attackers to cause a denial of service (continuous rebooting) via an application that triggers loading of a crafted TTF font, aka internal bug 25645298.

Reference

http://source.android.com/security/bulletin/2016-02-01.html
https://android.googlesource.com/platform/frameworks/minikin/+/ed4c8d79153baab7f26562afb8930652dfbf853b

CVSS

Base:	4.9
Impact:	6.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

14-03-2016 - 15:28

Objavljeno

07-02-2016 - 01:59