CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-3922

libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.2%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://source.android.com/security/bulletin/2016-10-01.html
http://www.securityfocus.com/bid/93315
https://android.googlesource.com/platform/hardware/ril/+/95610818918f6f11fe7d23aca1380e6c0fac2af0
http://source.android.com/security/bulletin/2016-10-01.html
http://www.securityfocus.com/bid/93315
https://android.googlesource.com/platform/hardware/ril/+/95610818918f6f11fe7d23aca1380e6c0fac2af0

Products affected by CVE-2016-3922

Google » Android » Version: 6.0

cpe:2.3:o:google:android:6.0
Google » Android » Version: 6.0.1

cpe:2.3:o:google:android:6.0.1
Google » Android » Version: 7.0

cpe:2.3:o:google:android:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3922

Products

Pricing

Contact Us