{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2017-13323", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2017-08-23T00:00:00.000Z", "datePublished": "2024-11-27T21:35:53.233Z", "dateUpdated": "2024-11-29T21:42:26.397Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [{"status": "affected", "version": "6"}, {"status": "affected", "version": "6.0.1"}, {"status": "affected", "version": "7"}, {"status": "affected", "version": "7.1.1"}, {"status": "affected", "version": "7.1.2"}, {"status": "affected", "version": "8"}, {"status": "affected", "version": "8.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">In String16 of String16.cpp, there is a possible out of bounds write due to&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">an integer overflow. This could lead to local escalation of privilege in an&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">unprivileged process with no additional execution privileges needed. User&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">interaction is not needed for exploitation.</span><br>"}], "value": "In String16 of String16.cpp, there is a possible out of bounds write due to\u00a0an integer overflow. This could lead to local escalation of privilege in an\u00a0unprivileged process with no additional execution privileges needed. User\u00a0interaction is not needed for exploitation."}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2024-11-27T21:37:22.228Z"}, "references": [{"url": "https://source.android.com/docs/security/bulletin/pixel/2018-05-01"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "affected": [{"vendor": "google", "product": "pixel", "cpes": ["cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2018-05-05", "versionType": "custom"}]}, {"vendor": "google", "product": "android", "cpes": ["cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2018-05-05", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-11-29T21:35:22.109404Z", "id": "CVE-2017-13323", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-29T21:42:26.397Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2017-13323", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-29T21:35:22.109404Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:*"], "vendor": "google", "product": "pixel", "versions": [{"status": "affected", "version": "0", "lessThan": "2018-05-05", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"], "vendor": "google", "product": "android", "versions": [{"status": "affected", "version": "0", "lessThan": "2018-05-05", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-29T21:36:56.220Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Google", "product": "Android", "versions": [{"status": "affected", "version": "6"}, {"status": "affected", "version": "6.0.1"}, {"status": "affected", "version": "7"}, {"status": "affected", "version": "7.1.1"}, {"status": "affected", "version": "7.1.2"}, {"status": "affected", "version": "8"}, {"status": "affected", "version": "8.1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://source.android.com/docs/security/bulletin/pixel/2018-05-01"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In String16 of String16.cpp, there is a possible out of bounds write due to\u00a0an integer overflow. This could lead to local escalation of privilege in an\u00a0unprivileged process with no additional execution privileges needed. User\u00a0interaction is not needed for exploitation.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">In String16 of String16.cpp, there is a possible out of bounds write due to&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">an integer overflow. This could lead to local escalation of privilege in an&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">unprivileged process with no additional execution privileges needed. User&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">interaction is not needed for exploitation.</span><br>", "base64": false}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2024-11-27T21:37:22.228Z"}}}, "cveMetadata": {"cveId": "CVE-2017-13323", "state": "PUBLISHED", "dateUpdated": "2024-11-29T21:42:26.397Z", "dateReserved": "2017-08-23T00:00:00.000Z", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "datePublished": "2024-11-27T21:35:53.233Z", "assignerShortName": "google_android"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "09E6085C-A61E-4A89-BF80-EDD9A7DF1E47", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D835D592-2423-44C6-804A-3AD010112E7C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "568E2561-A068-46A2-B331-BBA91FC96F0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In String16 of String16.cpp, there is a possible out of bounds write due to\u00a0an integer overflow. This could lead to local escalation of privilege in an\u00a0unprivileged process with no additional execution privileges needed. User\u00a0interaction is not needed for exploitation."}, {"lang": "es", "value": "En String16 de String16.cpp, existe una posible escritura fuera de los l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda provocar una escalada local de privilegios en un proceso sin privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."}], "id": "CVE-2017-13323", "lastModified": "2024-12-18T20:33:03.693", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-11-27T22:15:04.983", "references": [{"source": "security@android.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://source.android.com/docs/security/bulletin/pixel/2018-05-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}