cvelistv5 - cve-2016-6703

CVE-2016-6703 (GCVE-0-2016-6703)

Vulnerability from cvelistv5 – Published: 2016-11-25 16:00 – Updated: 2024-08-06 01:36

Summary

A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.

Severity ?

No CVSS data available.

CWE

Remote code execution

Assigner

google_android

References

URL

Tags

	http://www.securityfocus.com/bid/94161	vdb-entryx_refsource_BID
	https://source.android.com/security/bulletin/2016…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Google Inc.	Android	Affected: Android-4.4.4 Affected: Android-5.0.2 Affected: Android-5.1.1 Affected: Android-6.0 Affected: Android-6.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:36:29.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "94161",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94161"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2016-11-01.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Android",
          "vendor": "Google Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android-4.4.4"
            },
            {
              "status": "affected",
              "version": "Android-5.0.2"
            },
            {
              "status": "affected",
              "version": "Android-5.1.1"
            },
            {
              "status": "affected",
              "version": "Android-6.0"
            },
            {
              "status": "affected",
              "version": "Android-6.0.1"
            }
          ]
        }
      ],
      "datePublic": "2016-11-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote code execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "name": "94161",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94161"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2016-11-01.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@android.com",
          "ID": "CVE-2016-6703",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Android",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Android-4.4.4"
                          },
                          {
                            "version_value": "Android-5.0.2"
                          },
                          {
                            "version_value": "Android-5.1.1"
                          },
                          {
                            "version_value": "Android-6.0"
                          },
                          {
                            "version_value": "Android-6.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Google Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote code execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "94161",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94161"
            },
            {
              "name": "https://source.android.com/security/bulletin/2016-11-01.html",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2016-11-01.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2016-6703",
    "datePublished": "2016-11-25T16:00:00",
    "dateReserved": "2016-08-11T00:00:00",
    "dateUpdated": "2024-08-06T01:36:29.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.0.1\", \"matchCriteriaId\": \"2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A39C31E3-75C0-4E92-A6B5-7D67B22E3449\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB318EA4-2908-4B91-8DBB-20008FDF528A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F4E46A9-B652-47CE-92E8-01021E57724B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36DD8E3F-6308-4680-B932-4CBD8E58A7FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DA9F0F7-D592-481E-884C-B1A94E702825\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CD857E7-B878-49F9-BDDA-93DDEBB0B42B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A47AB858-36DE-4330-8CAC-1B46C5C8DA80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49413FF7-7910-4F74-B106-C3170612CB2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8882E50-7C49-4A99-91F2-DF979CF8BB2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98C32982-095C-4628-9958-118A3D3A9CAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C4E6353-B77A-464F-B7DE-932704003B33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77125688-2CCA-4990-ABB2-551D47CB0CDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7A8EC00-266C-409B-AD43-18E8DFCD6FE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B846C63A-7261-481E-B4A4-0D8C79E0D8A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E70C6D8D-C9C3-4D92-8DFC-71F59E068295\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de ejecuci\\u00f3n de c\\u00f3digo remoto en la biblioteca Android runtime en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 01-11-2016 podr\\u00eda habilitar a un atacante que utiliza una carga \\u00fatil especialmente manipulada a ejecutar c\\u00f3digo arbitrario en el contexto de un proceso no privilegiado. Este problema est\\u00e1 clasificado como High debido a la posibilidad de ejecuci\\u00f3n remota de c\\u00f3digo en una aplicaci\\u00f3n que usa el Android runtime. Android ID: A-30765246.\"}]",
      "id": "CVE-2016-6703",
      "lastModified": "2024-11-21T02:56:39.913",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2016-11-25T16:59:09.187",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/94161\", \"source\": \"security@android.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://source.android.com/security/bulletin/2016-11-01.html\", \"source\": \"security@android.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94161\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://source.android.com/security/bulletin/2016-11-01.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@android.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6703\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2016-11-25T16:59:09.187\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en la biblioteca Android runtime en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 01-11-2016 podr\u00eda habilitar a un atacante que utiliza una carga \u00fatil especialmente manipulada a ejecutar c\u00f3digo arbitrario en el contexto de un proceso no privilegiado. Este problema est\u00e1 clasificado como High debido a la posibilidad de ejecuci\u00f3n remota de c\u00f3digo en una aplicaci\u00f3n que usa el Android runtime. Android ID: A-30765246.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.0.1\",\"matchCriteriaId\":\"2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A39C31E3-75C0-4E92-A6B5-7D67B22E3449\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB318EA4-2908-4B91-8DBB-20008FDF528A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4E46A9-B652-47CE-92E8-01021E57724B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36DD8E3F-6308-4680-B932-4CBD8E58A7FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DA9F0F7-D592-481E-884C-B1A94E702825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CD857E7-B878-49F9-BDDA-93DDEBB0B42B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A47AB858-36DE-4330-8CAC-1B46C5C8DA80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49413FF7-7910-4F74-B106-C3170612CB2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8882E50-7C49-4A99-91F2-DF979CF8BB2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C32982-095C-4628-9958-118A3D3A9CAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C4E6353-B77A-464F-B7DE-932704003B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77125688-2CCA-4990-ABB2-551D47CB0CDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A8EC00-266C-409B-AD43-18E8DFCD6FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B846C63A-7261-481E-B4A4-0D8C79E0D8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E70C6D8D-C9C3-4D92-8DFC-71F59E068295\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/94161\",\"source\":\"security@android.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://source.android.com/security/bulletin/2016-11-01.html\",\"source\":\"security@android.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94161\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://source.android.com/security/bulletin/2016-11-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2016-6703

Vulnerability from fkie_nvd - Published: 2016-11-25 16:59 - Updated: 2025-04-12 10:46

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@android.com	http://www.securityfocus.com/bid/94161	Third Party Advisory, VDB Entry
security@android.com	https://source.android.com/security/bulletin/2016-11-01.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94161	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://source.android.com/security/bulletin/2016-11-01.html	Vendor Advisory

Impacted products

Vendor	Product	Version
google	android	*
google	android	4.0
google	android	4.0.1
google	android	4.0.2
google	android	4.0.3
google	android	4.0.4
google	android	4.1
google	android	4.1.2
google	android	4.2
google	android	4.2.1
google	android	4.2.2
google	android	4.3
google	android	4.3.1
google	android	4.4
google	android	4.4.1
google	android	4.4.2
google	android	4.4.3
google	android	5.0
google	android	5.0.1
google	android	5.1
google	android	5.1.0
google	android	6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9",
              "versionEndIncluding": "6.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A39C31E3-75C0-4E92-A6B5-7D67B22E3449",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB318EA4-2908-4B91-8DBB-20008FDF528A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F4E46A9-B652-47CE-92E8-01021E57724B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD8E3F-6308-4680-B932-4CBD8E58A7FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DA9F0F7-D592-481E-884C-B1A94E702825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CD857E7-B878-49F9-BDDA-93DDEBB0B42B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47AB858-36DE-4330-8CAC-1B46C5C8DA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49413FF7-7910-4F74-B106-C3170612CB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8882E50-7C49-4A99-91F2-DF979CF8BB2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4E6353-B77A-464F-B7DE-932704003B33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77125688-2CCA-4990-ABB2-551D47CB0CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B846C63A-7261-481E-B4A4-0D8C79E0D8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en la biblioteca Android runtime en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 01-11-2016 podr\u00eda habilitar a un atacante que utiliza una carga \u00fatil especialmente manipulada a ejecutar c\u00f3digo arbitrario en el contexto de un proceso no privilegiado. Este problema est\u00e1 clasificado como High debido a la posibilidad de ejecuci\u00f3n remota de c\u00f3digo en una aplicaci\u00f3n que usa el Android runtime. Android ID: A-30765246."
    }
  ],
  "id": "CVE-2016-6703",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-11-25T16:59:09.187",
  "references": [
    {
      "source": "security@android.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94161"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://source.android.com/security/bulletin/2016-11-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://source.android.com/security/bulletin/2016-11-01.html"
    }
  ],
  "sourceIdentifier": "security@android.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-6703

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-6703

Aliases

CVE-2016-6703

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6703",
    "description": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.",
    "id": "GSD-2016-6703"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6703"
      ],
      "details": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.",
      "id": "GSD-2016-6703",
      "modified": "2023-12-13T01:21:23.612841Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@android.com",
        "ID": "CVE-2016-6703",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Android",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Android-4.4.4"
                        },
                        {
                          "version_value": "Android-5.0.2"
                        },
                        {
                          "version_value": "Android-5.1.1"
                        },
                        {
                          "version_value": "Android-6.0"
                        },
                        {
                          "version_value": "Android-6.0.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Google Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote code execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "94161",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94161"
          },
          {
            "name": "https://source.android.com/security/bulletin/2016-11-01.html",
            "refsource": "CONFIRM",
            "url": "https://source.android.com/security/bulletin/2016-11-01.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@android.com",
          "ID": "CVE-2016-6703"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://source.android.com/security/bulletin/2016-11-01.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://source.android.com/security/bulletin/2016-11-01.html"
            },
            {
              "name": "94161",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94161"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2016-12-06T15:09Z",
      "publishedDate": "2016-11-25T16:59Z"
    }
  }
}

GHSA-XVC4-F349-6428

Vulnerability from github – Published: 2022-05-17 03:28 – Updated: 2022-05-17 03:28

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6703"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-11-25T16:59:00Z",
    "severity": "HIGH"
  },
  "details": "A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.",
  "id": "GHSA-xvc4-f349-6428",
  "modified": "2022-05-17T03:28:59Z",
  "published": "2022-05-17T03:28:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6703"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2016-11-01.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94161"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2016-11180

Vulnerability from cnvd - Published: 2016-11-17

Title

Google Android Runtime Library远程代码执行漏洞

Description

Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。Android runtime（ART）是Android系统的运行环境。 Android中的ART存在远程代码执行漏洞。攻击者可通过使用特制的payload利用该漏洞以提升的权限执行任意代码。

Severity

高

Patch Name

Google Android Runtime Library远程代码执行漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://source.android.com/security/bulletin/2016-11-01.html

Reference

http://www.securityfocus.com/bid/94161

Impacted products

Name
['Google Android 4.4.4', 'Google Android 6.0', 'Google Android 5.0.2', 'Google Android 5.1.1', 'Google Android 6.0.1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94161"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6703"
    }
  },
  "description": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u5171\u540c\u5f00\u53d1\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Android runtime\uff08ART\uff09\u662fAndroid\u7cfb\u7edf\u7684\u8fd0\u884c\u73af\u5883\u3002\r\n\r\nAndroid\u4e2d\u7684ART\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4f7f\u7528\u7279\u5236\u7684payload\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Andrei Kapishnikov and Miriam Gershenson of Google",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://source.android.com/security/bulletin/2016-11-01.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-11180",
  "openTime": "2016-11-17",
  "patchDescription": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u5171\u540c\u5f00\u53d1\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Android runtime\uff08ART\uff09\u662fAndroid\u7cfb\u7edf\u7684\u8fd0\u884c\u73af\u5883\u3002\r\n\r\nAndroid\u4e2d\u7684ART\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4f7f\u7528\u7279\u5236\u7684payload\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Android Runtime Library\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Google Android 4.4.4",
      "Google Android 6.0",
      "Google Android 5.0.2",
      "Google Android  5.1.1",
      "Google Android  6.0.1"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/94161",
  "serverity": "\u9ad8",
  "submitTime": "2016-11-10",
  "title": "Google Android Runtime Library\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CERTFR-2016-AVI-370

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 7 novembre 2016

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Google du 07 novembre 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le  correctif de s\u00e9curit\u00e9 du 7 novembre 2016\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6718"
    },
    {
      "name": "CVE-2014-9908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9908"
    },
    {
      "name": "CVE-2016-7916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
    },
    {
      "name": "CVE-2016-6732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6732"
    },
    {
      "name": "CVE-2016-6719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6719"
    },
    {
      "name": "CVE-2016-6739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6739"
    },
    {
      "name": "CVE-2016-7914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7914"
    },
    {
      "name": "CVE-2016-6136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
    },
    {
      "name": "CVE-2016-7917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7917"
    },
    {
      "name": "CVE-2016-7913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
    },
    {
      "name": "CVE-2015-0410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0410"
    },
    {
      "name": "CVE-2016-6728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6728"
    },
    {
      "name": "CVE-2016-6730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6730"
    },
    {
      "name": "CVE-2016-6751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6751"
    },
    {
      "name": "CVE-2016-6714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6714"
    },
    {
      "name": "CVE-2016-6707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6707"
    },
    {
      "name": "CVE-2016-7912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7912"
    },
    {
      "name": "CVE-2015-1283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
    },
    {
      "name": "CVE-2015-8961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8961"
    },
    {
      "name": "CVE-2016-6709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6709"
    },
    {
      "name": "CVE-2016-0718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0718"
    },
    {
      "name": "CVE-2016-6727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6727"
    },
    {
      "name": "CVE-2016-6704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6704"
    },
    {
      "name": "CVE-2016-5300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
    },
    {
      "name": "CVE-2016-6702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6702"
    },
    {
      "name": "CVE-2016-6729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6729"
    },
    {
      "name": "CVE-2016-6715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6715"
    },
    {
      "name": "CVE-2016-6735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6735"
    },
    {
      "name": "CVE-2016-7915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7915"
    },
    {
      "name": "CVE-2016-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6698"
    },
    {
      "name": "CVE-2012-6702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6702"
    },
    {
      "name": "CVE-2016-3906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3906"
    },
    {
      "name": "CVE-2016-6706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6706"
    },
    {
      "name": "CVE-2016-6717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6717"
    },
    {
      "name": "CVE-2015-8963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
    },
    {
      "name": "CVE-2016-6725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6725"
    },
    {
      "name": "CVE-2016-6700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6700"
    },
    {
      "name": "CVE-2016-6746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6746"
    },
    {
      "name": "CVE-2016-6738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6738"
    },
    {
      "name": "CVE-2016-6740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6740"
    },
    {
      "name": "CVE-2016-6724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6724"
    },
    {
      "name": "CVE-2016-6747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6747"
    },
    {
      "name": "CVE-2016-6744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6744"
    },
    {
      "name": "CVE-2016-6752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6752"
    },
    {
      "name": "CVE-2016-6711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6711"
    },
    {
      "name": "CVE-2016-3907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3907"
    },
    {
      "name": "CVE-2016-6710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6710"
    },
    {
      "name": "CVE-2016-6703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6703"
    },
    {
      "name": "CVE-2016-6754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6754"
    },
    {
      "name": "CVE-2016-6743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6743"
    },
    {
      "name": "CVE-2016-6742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6742"
    },
    {
      "name": "CVE-2016-6749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6749"
    },
    {
      "name": "CVE-2016-6745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6745"
    },
    {
      "name": "CVE-2016-6720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6720"
    },
    {
      "name": "CVE-2016-6722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6722"
    },
    {
      "name": "CVE-2016-6721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6721"
    },
    {
      "name": "CVE-2016-6699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6699"
    },
    {
      "name": "CVE-2016-6733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6733"
    },
    {
      "name": "CVE-2016-6753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6753"
    },
    {
      "name": "CVE-2016-6750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6750"
    },
    {
      "name": "CVE-2016-6723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6723"
    },
    {
      "name": "CVE-2016-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5195"
    },
    {
      "name": "CVE-2016-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2184"
    },
    {
      "name": "CVE-2015-8962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
    },
    {
      "name": "CVE-2016-7910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
    },
    {
      "name": "CVE-2016-6734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6734"
    },
    {
      "name": "CVE-2016-6741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6741"
    },
    {
      "name": "CVE-2016-7911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
    },
    {
      "name": "CVE-2016-6726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6726"
    },
    {
      "name": "CVE-2016-6737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6737"
    },
    {
      "name": "CVE-2016-6705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6705"
    },
    {
      "name": "CVE-2015-8964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
    },
    {
      "name": "CVE-2016-6708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6708"
    },
    {
      "name": "CVE-2016-6736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6736"
    },
    {
      "name": "CVE-2016-6748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6748"
    },
    {
      "name": "CVE-2016-6828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6828"
    },
    {
      "name": "CVE-2016-6712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6712"
    },
    {
      "name": "CVE-2014-9675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9675"
    },
    {
      "name": "CVE-2016-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6716"
    },
    {
      "name": "CVE-2016-6713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6713"
    },
    {
      "name": "CVE-2016-6731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6731"
    },
    {
      "name": "CVE-2016-6701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6701"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-370",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-11-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google du 07 novembre 2016",
      "url": "https://source.android.com/security/bulletin/2016-11-01.html"
    }
  ]
}

CERTFR-2016-AVI-370

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 7 novembre 2016

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Google du 07 novembre 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le  correctif de s\u00e9curit\u00e9 du 7 novembre 2016\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6718"
    },
    {
      "name": "CVE-2014-9908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9908"
    },
    {
      "name": "CVE-2016-7916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
    },
    {
      "name": "CVE-2016-6732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6732"
    },
    {
      "name": "CVE-2016-6719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6719"
    },
    {
      "name": "CVE-2016-6739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6739"
    },
    {
      "name": "CVE-2016-7914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7914"
    },
    {
      "name": "CVE-2016-6136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
    },
    {
      "name": "CVE-2016-7917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7917"
    },
    {
      "name": "CVE-2016-7913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
    },
    {
      "name": "CVE-2015-0410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0410"
    },
    {
      "name": "CVE-2016-6728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6728"
    },
    {
      "name": "CVE-2016-6730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6730"
    },
    {
      "name": "CVE-2016-6751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6751"
    },
    {
      "name": "CVE-2016-6714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6714"
    },
    {
      "name": "CVE-2016-6707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6707"
    },
    {
      "name": "CVE-2016-7912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7912"
    },
    {
      "name": "CVE-2015-1283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
    },
    {
      "name": "CVE-2015-8961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8961"
    },
    {
      "name": "CVE-2016-6709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6709"
    },
    {
      "name": "CVE-2016-0718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0718"
    },
    {
      "name": "CVE-2016-6727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6727"
    },
    {
      "name": "CVE-2016-6704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6704"
    },
    {
      "name": "CVE-2016-5300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
    },
    {
      "name": "CVE-2016-6702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6702"
    },
    {
      "name": "CVE-2016-6729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6729"
    },
    {
      "name": "CVE-2016-6715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6715"
    },
    {
      "name": "CVE-2016-6735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6735"
    },
    {
      "name": "CVE-2016-7915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7915"
    },
    {
      "name": "CVE-2016-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6698"
    },
    {
      "name": "CVE-2012-6702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6702"
    },
    {
      "name": "CVE-2016-3906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3906"
    },
    {
      "name": "CVE-2016-6706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6706"
    },
    {
      "name": "CVE-2016-6717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6717"
    },
    {
      "name": "CVE-2015-8963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
    },
    {
      "name": "CVE-2016-6725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6725"
    },
    {
      "name": "CVE-2016-6700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6700"
    },
    {
      "name": "CVE-2016-6746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6746"
    },
    {
      "name": "CVE-2016-6738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6738"
    },
    {
      "name": "CVE-2016-6740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6740"
    },
    {
      "name": "CVE-2016-6724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6724"
    },
    {
      "name": "CVE-2016-6747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6747"
    },
    {
      "name": "CVE-2016-6744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6744"
    },
    {
      "name": "CVE-2016-6752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6752"
    },
    {
      "name": "CVE-2016-6711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6711"
    },
    {
      "name": "CVE-2016-3907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3907"
    },
    {
      "name": "CVE-2016-6710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6710"
    },
    {
      "name": "CVE-2016-6703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6703"
    },
    {
      "name": "CVE-2016-6754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6754"
    },
    {
      "name": "CVE-2016-6743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6743"
    },
    {
      "name": "CVE-2016-6742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6742"
    },
    {
      "name": "CVE-2016-6749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6749"
    },
    {
      "name": "CVE-2016-6745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6745"
    },
    {
      "name": "CVE-2016-6720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6720"
    },
    {
      "name": "CVE-2016-6722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6722"
    },
    {
      "name": "CVE-2016-6721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6721"
    },
    {
      "name": "CVE-2016-6699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6699"
    },
    {
      "name": "CVE-2016-6733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6733"
    },
    {
      "name": "CVE-2016-6753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6753"
    },
    {
      "name": "CVE-2016-6750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6750"
    },
    {
      "name": "CVE-2016-6723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6723"
    },
    {
      "name": "CVE-2016-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5195"
    },
    {
      "name": "CVE-2016-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2184"
    },
    {
      "name": "CVE-2015-8962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
    },
    {
      "name": "CVE-2016-7910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
    },
    {
      "name": "CVE-2016-6734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6734"
    },
    {
      "name": "CVE-2016-6741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6741"
    },
    {
      "name": "CVE-2016-7911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
    },
    {
      "name": "CVE-2016-6726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6726"
    },
    {
      "name": "CVE-2016-6737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6737"
    },
    {
      "name": "CVE-2016-6705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6705"
    },
    {
      "name": "CVE-2015-8964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
    },
    {
      "name": "CVE-2016-6708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6708"
    },
    {
      "name": "CVE-2016-6736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6736"
    },
    {
      "name": "CVE-2016-6748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6748"
    },
    {
      "name": "CVE-2016-6828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6828"
    },
    {
      "name": "CVE-2016-6712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6712"
    },
    {
      "name": "CVE-2014-9675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9675"
    },
    {
      "name": "CVE-2016-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6716"
    },
    {
      "name": "CVE-2016-6713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6713"
    },
    {
      "name": "CVE-2016-6731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6731"
    },
    {
      "name": "CVE-2016-6701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6701"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-370",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-11-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google du 07 novembre 2016",
      "url": "https://source.android.com/security/bulletin/2016-11-01.html"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-6703 (GCVE-0-2016-6703)

FKIE_CVE-2016-6703

GSD-2016-6703

GHSA-XVC4-F349-6428

CNVD-2016-11180

CERTFR-2016-AVI-370

Solution

CERTFR-2016-AVI-370

Solution

Tags

Sightings

Nomenclature