ГлавнаяУязвимости → CVE-2018-9433
8.8высокая

CVE-2018-9433

Описание

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Затрагиваемое ПО
Google Android
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://source.android.com/security/bulletin/2018-07-01