CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
74.3%
Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
android_debug_bridge | - | cpe:2.3:a:google:android_debug_bridge:-:*:*:*:*:*:*:* | |
android_sdk_platform_tools | 18.0.1 | cpe:2.3:a:google:android_sdk_platform_tools:18.0.1:*:*:*:*:*:*:* | |
opensuse | opensuse | 12.3 | cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:* |
opensuse | opensuse | 13.1 | cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |