Vulnerabilities > CVE-2015-3863 - Numeric Errors vulnerability in Google Android

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
google
CWE-189
NVD
Published: 2015-10-01
Updated: 2024-11-21

Summary

Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and read arbitrary Keystore keys via an application that uses a crafted blob in an insert operation, aka internal bug 22802399.

Vulnerable Configurations

Part Description Count
OS
Google
52

Common Weakness Enumeration (CWE)

References