← Back

CVE-2017-0720

nvd nist
Published: Aug 9, 2017Modified: May 13, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.

Affected (12)

Products: Google: Android
Google
1 product
Android
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Google
Android
Version 5.0.1
Android
Version 5.0.2
Android
Version 5.0
Android
Version 5.1.0
Android
Version 5.1.1
Android
Version 5.1
Android
Version 6.0.1
Android
Version 6.0
Android
Version 7.0
Android
Version 7.1.0
Android
Version 7.1.1
Android
Version 7.1.2

Related CWEs

CWE-252
Unchecked Return Value
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

References (4)

Source: security@android.com
Third Party AdvisoryVDB Entry
Source: security@android.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.