CVE-2017-0408
HIGHAndroid 7.1.1 - Remote Code Execution via Crafted File in libgdx
Title source: llmDescription
A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-32769670.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96092
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037798
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-02-01.html
Scores
CVSS v3
7.8
EPSS
0.0040
EPSS Percentile
61.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
google/android
7.1.1
Google Inc./Android
Android-7.1.1
Published
Feb 08, 2017
Tracked Since
Feb 18, 2026