Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0985

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-0985
Last Modified 05 Sep 2008 05:36:30
Published 05 Mar 2008 07:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0985

Summary

Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width.

Vulnerable Systems

Application

  • Google Android Sdk M3-rc37a


References

CONFIRM - http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html

BID - 28005

BUGTRAQ - 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK

MISC - http://www.coresecurity.com/?action=item&id=2148

XF - androidsdk-gifimagedecoderondecode-bo(40998)

SREASON - 3727


Last Updated: 27 May 2016 10:46:58