First published: Fri Jan 27 2012(Updated: )
Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =2.3-rev1 | |
Google Android | =2.3.6 | |
Google Android | =2.3.3 | |
Google Android | =2.3.1 | |
Google Android | =2.3.5 | |
Google Android | =2.2.1 | |
Google Android | =2.2.2 | |
Google Android | =2.2 | |
Google Android | =2.3.4 | |
Google Android | =2.2-rev1 | |
Google Android | =2.3.2 | |
Google Android | =2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.