CVE-2021-0635 : When extracting the incorrectly formatted flv file, the memory is damaged, the p

When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion:Android-10Android ID: A-189402477

Published 2021-10-06 15:15:15

Updated 2021-10-08 03:37:57

Source Android (associated with Google Inc. or Open Handset Alliance)

View at NVD, CVE.org

Products affected by CVE-2021-0635

Google » Android » Version: 10.0
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-0635

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-0635

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2021-0635

https://source.android.com/security/bulletin/2021-09-01

Android Security Bulletin—September 2021 | Android Open Source Project
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-0635

Products affected by CVE-2021-0635

Exploit prediction scoring system (EPSS) score for CVE-2021-0635

CVSS scores for CVE-2021-0635

References for CVE-2021-0635