CVE-2008-0986 - Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3

CVE-2008-0986

Summary

Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.

References

Vulnerable Configurations

cpe:2.3:a:google:android_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:google:android_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:google:android_sdk:m5-rc14:*:*:*:*:*:*:*
cpe:2.3:a:google:android_sdk:m5-rc14:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 15-10-2018 - 22:04)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	28006
bugtraq	20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK
confirm	http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
misc	http://www.coresecurity.com/?action=item&id=2148
sreason	3727
xf	androidsdk-bmpreadfromstream-int-overflow(40999)

Last major update

15-10-2018 - 22:04

Published

06-03-2008 - 00:44

Last modified

15-10-2018 - 22:04