First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Mdm9206 Firmware | ||
Qualcomm Mdm9206 | ||
Qualcomm Mdm9607 Firmware | ||
Qualcomm Mdm9607 | ||
Qualcomm Mdm9650 Firmware | ||
Qualcomm Mdm9650 | ||
Qualcomm Sd 210 Firmware | ||
Qualcomm Sd 210 | ||
Qualcomm Sd 212 Firmware | ||
Qualcomm Sd 212 | ||
Qualcomm Sd 205 Firmware | ||
Qualcomm Sd 205 | ||
Qualcomm Sd 400 Firmware | ||
Qualcomm Sd 400 | ||
Qualcomm Sd 410 Firmware | ||
Qualcomm Sd 410 | ||
Qualcomm Sd 412 Firmware | ||
Qualcomm Sd 412 | ||
Qualcomm Sd 425 Firmware | ||
Qualcomm Sd 425 | ||
Qualcomm Sd 430 Firmware | ||
Qualcomm Sd 430 | ||
Qualcomm Sd 450 Firmware | ||
Qualcomm Sd 450 | ||
Qualcomm Sd 615 Firmware | ||
Qualcomm Sd 615 | ||
Qualcomm Sd 616 Firmware | ||
Qualcomm Sd 616 | ||
Qualcomm Sd 415 Firmware | ||
Qualcomm Sd 415 | ||
Qualcomm Sd 617 Firmware | ||
Qualcomm Sd 617 | ||
Qualcomm Sd 625 Firmware | ||
Qualcomm Sd 625 | ||
Qualcomm Sd 650 Firmware | ||
Qualcomm Sd 650 | ||
Qualcomm Sd 652 Firmware | ||
Qualcomm Sd 652 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 | ||
Google Android | ||
Qualcomm Sd 808 | ||
Google Android | ||
Qualcomm Sd 810 | ||
Qualcomm Sd 820 Firmware | ||
Qualcomm Sd 820 | ||
Qualcomm Sd 835 Firmware | ||
Qualcomm Sd 835 | ||
Qualcomm Sd 600 Firmware | ||
Qualcomm Sd 600 | ||
Qualcomm Sdx20 Firmware | ||
Qualcomm Sdx20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2016-10420 is high with a severity value of 5.5.
CVE-2016-10420 affects Android devices before 2018-04-05 or with earlier security patch levels on Qualcomm Snapdragon Mobile and Snapdragon Wear devices.
CVE-2016-10420 is a vulnerability in Android that allows remote attackers to bypass intended access restrictions.
To fix CVE-2016-10420, update your Android device to the latest security patch level released by Google.
You can find more information about CVE-2016-10420 in the references provided: http://www.securityfocus.com/bid/103671, https://source.android.com/security/bulletin/2018-04-01, https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk