Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2016-04-18T00:00:00
Updated: 2024-08-05T22:30:05.064Z
Reserved: 2015-12-16T00:00:00
Link: CVE-2016-0849
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-04-18T00:59:13.290
Modified: 2024-11-21T02:42:30.200
Link: CVE-2016-0849
Redhat
No data.