CVE-2017-0807 โ€” INC Android vulnerability

6 documents6 sources
Severity
9.8CRITICALNVD
EPSS
2.5%
top 14.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google INC AndroidGoogle Android
Timeline
PublishedOct 4
Latest updateMay 13

Description

An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

โ–ถNVDgoogle/android8 versions+7
โ–ถCVEListV5google_inc/android6 versions+5

๐Ÿ”ดVulnerability Details

3
GHSA
GHSA-2r4r-fch4-mp55: An elevation of privilege vulnerability in the Android framework (ui framework)โ†—2022-05-13
โ–ถ
OSV
CVE-2017-0807: An elevation of privilege vulnerability in the Android framework (ui framework)โ†—2017-10-04
โ–ถ
CVEList
CVE-2017-0807: An elevation of privilege vulnerability in the Android framework (ui framework)โ†—2017-10-03
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Android
CVE-2017-0807: Android Security Bulletin 2017-12-01 CVE: CVE-2017-0807 Severity: HIGH Type: EoP Affected AOSP versions: 5โ†—2017-12-01
โ–ถ

๐Ÿ“„Research Papers

1
arXiv
Hey Google, What Exactly Do Your Security Patches Tell Us? A Large-Scale Empirical Study on Android Patched Vulnerabilitiesโ†—2019-05-22
โ–ถ
CVE-2017-0807 โ€” Google INC Android vulnerability | cvebase