In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2020-11-10T12:50:04
Updated: 2024-08-04T06:02:51.976Z
Reserved: 2019-10-17T00:00:00
Link: CVE-2020-0452
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-11-10T13:15:12.897
Modified: 2023-11-07T03:13:53.913
Link: CVE-2020-0452
Redhat