What is the severity of CVE-2017-0588?

CVE-2017-0588 is rated as Critical due to its potential for remote code execution.

How does CVE-2017-0588 facilitate exploitation?

CVE-2017-0588 allows an attacker to exploit memory corruption during media file processing.

Which versions of Android are affected by CVE-2017-0588?

CVE-2017-0588 affects multiple versions of Android, including versions 4.0 through 7.1.2.

How can I mitigate CVE-2017-0588?

To mitigate CVE-2017-0588, update your Android device to the latest security patch provided by Google.

What type of vulnerability is CVE-2017-0588?

CVE-2017-0588 is a remote code execution vulnerability found in libstagefright.

Vulnerability/
CVE-2017-0588

critical

9.3

CWE

119

1/5/2017

12/5/2017

26/8/2024

CVE-2017-0588: Buffer Overflow

First published: Mon May 01 2017(Updated: )

A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34618607.

Credit: security@android.com

Affected Software	Affected Version	How to fix
Google Android	=4.0
Google Android	=4.0.1
Google Android	=4.0.2
Google Android	=4.0.3
Google Android	=4.0.4
Google Android	=4.1
Google Android	=4.1.2
Google Android	=4.2
Google Android	=4.2.1
Google Android	=4.2.2
Google Android	=4.3
Google Android	=4.3.1
Google Android	=4.4
Google Android	=4.4.1
Google Android	=4.4.2
Google Android	=4.4.3
Google Android	=4.4.4
Google Android	=5.0
Google Android	=5.0.1
Google Android	=5.0.2
Google Android	=5.1
Google Android	=5.1.0
Google Android	=5.1.1
Google Android	=6.0
Google Android	=6.0.1
Google Android	=7.0
Google Android	=7.1.0
Google Android	=7.1.1
Google Android	=7.1.2

Remedy

https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b

Remedy

https://source.android.com/security/bulletin/2017-05-01

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-0588?
CVE-2017-0588 is rated as Critical due to its potential for remote code execution.
How does CVE-2017-0588 facilitate exploitation?
CVE-2017-0588 allows an attacker to exploit memory corruption during media file processing.
Which versions of Android are affected by CVE-2017-0588?
CVE-2017-0588 affects multiple versions of Android, including versions 4.0 through 7.1.2.
How can I mitigate CVE-2017-0588?
To mitigate CVE-2017-0588, update your Android device to the latest security patch provided by Google.
What type of vulnerability is CVE-2017-0588?
CVE-2017-0588 is a remote code execution vulnerability found in libstagefright.

agent/type
agent/references
agent/remedy
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/severity
agent/author
agent/description
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/tags
agent/event
collector/android-source
source/Android
agent/software-canonical-lookup
agent/last-modified-date
agent/source
vendor/google
canonical/google android
version/google android/4.0
version/google android/4.0.1
version/google android/4.0.2
version/google android/4.0.3
version/google android/4.0.4
version/google android/4.1
version/google android/4.1.2
version/google android/4.2
version/google android/4.2.1
version/google android/4.2.2
version/google android/4.3
version/google android/4.3.1
version/google android/4.4
version/google android/4.4.1
version/google android/4.4.2
version/google android/4.4.3
version/google android/4.4.4
version/google android/5.0
version/google android/5.0.1
version/google android/5.0.2
version/google android/5.1
version/google android/5.1.0
version/google android/5.1.1
version/google android/6.0
version/google android/6.0.1
version/google android/7.0
version/google android/7.1.0
version/google android/7.1.1
version/google android/7.1.2

Frequently Asked Questions

What is the severity of CVE-2017-0588?
CVE-2017-0588 is rated as Critical due to its potential for remote code execution.
How does CVE-2017-0588 facilitate exploitation?
CVE-2017-0588 allows an attacker to exploit memory corruption during media file processing.
Which versions of Android are affected by CVE-2017-0588?
CVE-2017-0588 affects multiple versions of Android, including versions 4.0 through 7.1.2.
How can I mitigate CVE-2017-0588?
To mitigate CVE-2017-0588, update your Android device to the latest security patch provided by Google.
What type of vulnerability is CVE-2017-0588?
CVE-2017-0588 is a remote code execution vulnerability found in libstagefright.

CVE-2017-0588: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-0588?

How does CVE-2017-0588 facilitate exploitation?

Which versions of Android are affected by CVE-2017-0588?

How can I mitigate CVE-2017-0588?

What type of vulnerability is CVE-2017-0588?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-0588?

How does CVE-2017-0588 facilitate exploitation?

Which versions of Android are affected by CVE-2017-0588?

How can I mitigate CVE-2017-0588?

What type of vulnerability is CVE-2017-0588?