Main Vulnerability Database Exploits ID:6125 - Exploit for Out-of-bounds write in Google Android - CVE-2019-2107

ID:6125 - Exploit for Out-of-bounds write in Google Android - CVE-2019-2107

Published: June 17, 2021

Vulnerability identifier: #VU35741

Vulnerability risk: High

CVE-ID: CVE-2019-2107

CWE-ID: CWE-787

Exploitation vector: Remote access

Vulnerable software:
Google Android

Link to public exploit:

https://www.exploit-db.com/exploits/47119/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.

Remediation

Install update from vendor's website.

ID:6125 - Exploit for Out-of-bounds write in Google Android - CVE-2019-2107

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human