Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1001


Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1001
Last Modified 06 Sep 2011 11:15:13
Published 08 Jul 2011 01:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



dexdump in Android SDK before 2.3 does not properly perform structural verification, which allows user-assisted remote attackers to cause a denial of service (dexdump crash) and possibly execute arbitrary code via a malformed APK or dex file that calls a method using more arguments than the number of register that have been declared for that method.

Vulnerable Systems


  • Google Android Sdk 1.1

  • Google Android Sdk 1.5

  • Google Android Sdk 1.6

  • Google Android Sdk 2.0

  • Google Android Sdk 2.0.1

  • Google Android Sdk 2.1

  • Google Android Sdk 2.2


CONFIRM -;a=commit;h=4b0750e8df91220690bb417f45d7ae8b7851b220

FULLDISC - 20110328 Android SDK: Segmentation fault with dexdump / dexDecodeDebugInfo

Last Updated: 27 May 2016 10:56:07