A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808.
http://www.securityfocus.com/bid/95230
https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc
https://source.android.com/security/bulletin/2017-01-01.html
Source: MITRE
Published: 2017-01-12
Updated: 2019-10-03
Type: NVD-CWE-noinfo
Base Score: 7.1
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 8.6
Severity: HIGH
Base Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM
OR
cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
146743 | EulerOS 2.0 SP2 : libvpx (EulerOS-SA-2021-1322) | Nessus | Huawei Local Security Checks | medium |
146124 | EulerOS 2.0 SP5 : libvpx (EulerOS-SA-2021-1209) | Nessus | Huawei Local Security Checks | high |
142738 | Amazon Linux 2 : libvpx (ALAS-2020-1558) | Nessus | Amazon Linux Local Security Checks | high |
141685 | Scientific Linux Security Update : libvpx on SL7.x x86_64 (20201001) | Nessus | Scientific Linux Local Security Checks | high |
141617 | CentOS 7 : libvpx (CESA-2020:3876) | Nessus | CentOS Local Security Checks | high |
141257 | Oracle Linux 7 : libvpx (ELSA-2020-3876) | Nessus | Oracle Linux Local Security Checks | high |
141041 | RHEL 7 : libvpx (RHSA-2020:3876) | Nessus | Red Hat Local Security Checks | high |