CVE-2017-0397

Published: Jan 12, 2017Modified: May 6, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An information disclosure vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32377688.

Affected (27)

Products: Google: Android

Google

1 product

Android

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Google Android	Version 4.0.1
Google Android	Version 4.0.2
Google Android	Version 4.0.3
Google Android	Version 4.0.4
Google Android	Version 4.0
Google Android	Version 4.1.2
Google Android	Version 4.1
Google Android	Version 4.2.1
Google Android	Version 4.2.2
Google Android	Version 4.2
Google Android	Version 4.3.1
Google Android	Version 4.3
Google Android	Version 4.4.1
Google Android	Version 4.4.2
Google Android	Version 4.4.3
Google Android	Version 4.4.4
Google Android	Version 4.4
Google Android	Version 5.0.1
Google Android	Version 5.0.2
Google Android	Version 5.0
Google Android	Version 5.1.0
Google Android	Version 5.1.1
Google Android	Version 5.1
Google Android	Version 6.0.1
Google Android	Version 6.0
Google Android	Version 7.0
Google Android	Version 7.1.0