First published: Mon Mar 06 2017(Updated: )
An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32764144.
Credit: security@android.com
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
Android | =6.0 | |
Android | =6.0.1 | |
Android | =7.0 | |
Android | =7.1.0 | |
Android | =7.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-0494 is rated as Moderate due to its potential to allow unauthorized access to sensitive data.
CVE-2017-0494 affects Android versions 6.0, 6.0.1, 7.0, 7.1.0, and 7.1.1.
CVE-2017-0494 is an information disclosure vulnerability that allows remote attackers to access data outside of permitted boundaries.
To mitigate the risks of CVE-2017-0494, updating to a patched version of Android is recommended.
Yes, CVE-2017-0494 can be exploited remotely through a specially crafted file.