Vulnerabilities > CVE-2017-13253 - Out-of-bounds Write vulnerability in Google Android 8.0/8.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71389378.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Android DRM Services - Buffer Overflow. CVE-2017-13253. Dos exploit for Android platform |
| file | exploits/android/dos/44291.cpp |
| id | EDB-ID:44291 |
| last seen | 2018-05-24 |
| modified | 2018-03-15 |
| platform | android |
| port | |
| published | 2018-03-15 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/44291/ |
| title | Android DRM Services - Buffer Overflow |
| type | dos |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/146822/androiddrmservices-overflow.txt |
| id | PACKETSTORM:146822 |
| last seen | 2018-03-23 |
| published | 2018-03-15 |
| reporter | Tamir Zahavi-Brunner |
| source | https://packetstormsecurity.com/files/146822/Android-DRM-Services-Buffer-Overflow.html |
| title | Android DRM Services Buffer Overflow |