AndroidVulnerabilities.org

CVE-2018-9496

(json)

• CVE numbers: CVE-2018-9496 [Bulletin-CVE-2018-9496]
• Coordinated disclosure?: unknown
• Categories: Media framework
• Details: In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-110769924 [NIST-CVE-2018-9496]
• Discovered by: on: Unknown
• Reported on: 2018-10-01 [Bulletin-CVE-2018-9496]
• Fixed on: 2018-06-25 [A-110769924]
• Fix released on: 2018-10-05 [Bulletin-CVE-2018-9496]
• Affected versions: 9 [Bulletin-CVE-2018-9496] regex: (9.[0-9].[0-9])
• Affected devices:
• Affected manufacturers: all [Bulletin-CVE-2018-9496]
• Fixed versions: 9 [Bulletin-CVE-2018-9496]
• Submission: by: Daniel Carter, on: 2019-07-25