{ "name": "CVE-2017-0503", "CVE": [ [ "CVE-2017-0503", "Bulletin-CVE-2017-0503" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Elevation of privilege vulnerability in MediaTek components" ], "Details": [ [ "An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28449045. References: M-ALPS02710075.", "NIST-CVE-2017-0503" ] ], "Discovered_on": [], "Discovered_by": [ [ "pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd.", "Discovery-CVE-2017-0503" ] ], "Submission": [ { "by": "dcc52", "on": "2019-07-26" } ], "Reported_on": [ [ "2017-03-01", "Bulletin-CVE-2017-0503" ] ], "Fixed_on": [], "Fix_released_on": [], "Affected_versions": [], "Affected_devices": [], "Affected_versions_regexp": [ "" ], "Affected_manufacturers": [ [ "MediaTek", "Bulletin-CVE-2017-0503" ] ], "Fixed_versions": [], "Fixed_versions_regexp": [ "" ], "references": { "A-28449045*": {}, "M-ALPS02710075": {}, "NIST-CVE-2017-0503": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2017-0503": { "url": "https://source.android.com/security/bulletin/2017-03-01.html" }, "Discovery-CVE-2017-0503": { "url": "https://source.android.com/security/overview/acknowledgements" } }, "Surface": [ "local", "app" ], "Vector": [ "memory-corruption" ], "Target": [ "driver" ], "Channel": [ "app-excecution" ], "Condition": [ "affected-app-installed" ], "Privilege": [ "kernel" ], "CWE": [ [ "CWE-264", "NIST-CVE-2017-0503" ] ] }