Title : Android Dexdump Buffer Overflow Vulnerability
Discoverer: Veysel HATAS (vhatas@gmail.com)
Web page : wise.cs.hacettepe.edu.tr
Test: Nexus 4 Android 5.1.1
Status: Not Fi Title : Android Dexdump Buffer Overflow Vulnerability
Discoverer: Veysel HATAS (vhatas@gmail.com)
Web page : wise.cs.hacettepe.edu.tr
Test: Nexus 4 Android 5.1.1
Status: Not Fixed
Severity : High
Discovered: 04 February 2018
Reported: 03 August 2018
Published: -
Description : dexdump contains a flaw that is triggered as user-supplied
input is not properly sanitized when handling a specially crafted dex file.
This bug is triggeredin a/system/lib/libz.so" native library. This may
allow a context-dependent attacker to corrupt memory and cause a denial of
service or potentially execute arbitrary code.
--
----
Veysel HATAA
Security Researcher
Blog: http://www.binarysniper.net
Twitter: https://twitter.com/muh4f1z
PGP key: http://www.binarysniper.net/p/veysels-ublic-pgp-key.html
Android Dexdump Buffer Overflow
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 351