What is the severity of CVE-2017-0756?

CVE-2017-0756 is classified as a critical remote code execution vulnerability in the Android media framework.

How do I fix CVE-2017-0756?

To fix CVE-2017-0756, users should update their Android devices to a patched version that is not affected by this vulnerability.

Which Android versions are affected by CVE-2017-0756?

CVE-2017-0756 affects Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2.

What kind of attacks can exploit CVE-2017-0756?

CVE-2017-0756 can be exploited to execute arbitrary code remotely, potentially allowing attackers to gain control of an affected device.

Is there a mitigation for CVE-2017-0756?

The primary mitigation for CVE-2017-0756 is to apply the security updates provided by Google for the affected Android versions.

Vulnerability/
CVE-2017-0756

critical

9.3

CWE

367

5/9/2017

26/8/2024

CVE-2017-0756

First published: Tue Sep 05 2017(Updated: )

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.

Credit: security@android.com

Affected Software	Affected Version	How to fix
Android
Android	=4.0
Android	=4.0.1
Android	=4.0.2
Android	=4.0.3
Android	=4.0.4
Android	=4.1
Android	=4.1.2
Android	=4.2
Android	=4.2.1
Android	=4.2.2
Android	=4.3
Android	=4.3.1
Android	=4.4
Android	=4.4.1
Android	=4.4.2
Android	=4.4.3
Android	=4.4.4
Android	=5.0
Android	=5.0.1
Android	=5.0.2
Android	=5.1
Android	=5.1.0
Android	=5.1.1
Android	=6.0
Android	=6.0.1
Android	=7.0
Android	=7.1.0
Android	=7.1.1
Android	=7.1.2

Remedy

https://source.android.com/security/bulletin/2017-09-01

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-0756?
CVE-2017-0756 is classified as a critical remote code execution vulnerability in the Android media framework.
How do I fix CVE-2017-0756?
To fix CVE-2017-0756, users should update their Android devices to a patched version that is not affected by this vulnerability.
Which Android versions are affected by CVE-2017-0756?
CVE-2017-0756 affects Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2.
What kind of attacks can exploit CVE-2017-0756?
CVE-2017-0756 can be exploited to execute arbitrary code remotely, potentially allowing attackers to gain control of an affected device.
Is there a mitigation for CVE-2017-0756?
The primary mitigation for CVE-2017-0756 is to apply the security updates provided by Google for the affected Android versions.

agent/references
agent/type
agent/first-publish-date
agent/weakness
agent/severity
agent/remedy
agent/author
agent/description
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
agent/tags
collector/android-source
source/Android
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/google
canonical/android
version/android/4.0
version/android/4.0.1
version/android/4.0.2
version/android/4.0.3
version/android/4.0.4
version/android/4.1
version/android/4.1.2
version/android/4.2
version/android/4.2.1
version/android/4.2.2
version/android/4.3
version/android/4.3.1
version/android/4.4
version/android/4.4.1
version/android/4.4.2
version/android/4.4.3
version/android/4.4.4
version/android/5.0
version/android/5.0.1
version/android/5.0.2
version/android/5.1
version/android/5.1.0
version/android/5.1.1
version/android/6.0
version/android/6.0.1
version/android/7.0
version/android/7.1.0
version/android/7.1.1
version/android/7.1.2