{ "name": "CVE-2017-0676", "CVE": [ [ "CVE-2017-0676", "Bulletin-CVE-2017-0676" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Media framework" ], "Details": [ [ "A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431.", "NIST-CVE-2017-0676" ] ], "Discovered_on": [], "Discovered_by": [ [ "Vasily Vasiliev", "Discovery-CVE-2017-0676" ] ], "Submission": [ { "by": "dcc52", "on": "2019-07-26" } ], "Reported_on": [ [ "2017-07-01", "Bulletin-CVE-2017-0676" ] ], "Fixed_on": [ [ "2017-04-05", "A-34896431" ] ], "Fix_released_on": [], "Affected_versions": [ [ "5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2", "Bulletin-CVE-2017-0676" ] ], "Affected_devices": [], "Affected_versions_regexp": [ "(5\\.0\\.2)|(5\\.1\\.1)|(6\\.0\\.[0-9])|(6\\.0\\.1)|(7\\.0\\.[0-9])|(7\\.1\\.1)|(7\\.1\\.2)" ], "Affected_manufacturers": [ [ "all", "Bulletin-CVE-2017-0676" ] ], "Fixed_versions": [ [ "5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2", "Bulletin-CVE-2017-0676" ] ], "Fixed_versions_regexp": [ "(5\\.0\\.2)|(5\\.1\\.1)|(6\\.0\\.[0-9])|(6\\.0\\.1)|(7\\.0\\.[0-9])|(7\\.1\\.1)|(7\\.1\\.2)" ], "references": { "A-34896431": { "url": "https://android.googlesource.com/platform/external/libhevc/+/8e415eabb5d2abd2f2bd40a675339d967f81521b" }, "NIST-CVE-2017-0676": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2017-0676": { "url": "https://source.android.com/security/bulletin/2017-07-01.html" }, "Discovery-CVE-2017-0676": { "url": "https://source.android.com/security/overview/acknowledgements" } }, "Surface": [ "remote" ], "Vector": [ "memory-corruption" ], "Target": [ "system-component" ], "Channel": [ "remote" ], "Condition": [ "malicious-file-viewed" ], "Privilege": [ "system" ], "CWE": [ [ "CWE-264", "NIST-CVE-2017-0676" ] ] }