CVE-2011-1001

Android SDK < 2.3 - Denial of Service via Malformed APK or Dex File

Title source: llm
STIX 2.1

Description

dexdump in Android SDK before 2.3 does not properly perform structural verification, which allows user-assisted remote attackers to cause a denial of service (dexdump crash) and possibly execute arbitrary code via a malformed APK or dex file that calls a method using more arguments than the number of register that have been declared for that method.

References (2)

Core 2

Scores

EPSS 0.0123
EPSS Percentile 65.4%

Details

CWE
CWE-20
Status published
Products (7)
google/android_sdk 1.1
google/android_sdk 1.5
google/android_sdk 1.6
google/android_sdk 2.0
google/android_sdk 2.0.1
google/android_sdk 2.1
google/android_sdk < 2.2
Published Jul 08, 2011
Tracked Since Feb 18, 2026