CVE-2017-0477

HIGH

Android 7.1.1 - Remote Code Execution via Crafted File in libgdx

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0477. PoCs published by codecat007.

AI-analyzed exploit summary This PoC demonstrates CVE-2017-0477 by loading a malicious GIF file via the `libgdx.so` library, which triggers a vulnerability in Android's media processing. The exploit leverages `gdx2d_load` and `gdx2d_free` functions to exploit a memory corruption issue.

Description

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-33621647.

Exploits (1)

github WORKING POC 8 stars

by codecat007 · cpoc

https://github.com/codecat007/cvehub/tree/main/android/securityPatch/CVE-2017-0477

View Code ZIP pw:eip

This PoC demonstrates CVE-2017-0477 by loading a malicious GIF file via the `libgdx.so` library, which triggers a vulnerability in Android's media processing. The exploit leverages `gdx2d_load` and `gdx2d_free` functions to exploit a memory corruption issue.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Android (libgdx.so)

No auth needed

Prerequisites: Malicious GIF file placed at `/data/local/tmp/CVE-2017-0477.gif` · Access to the target device's filesystem

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/96760

Vendor Advisory x_refsource_confirm

https://source.android.com/security/bulletin/2017-03-01

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037968

Vendor Advisory

https://source.android.com/security/bulletin/2017-03-01.html

Scores

CVSS v3 7.8

EPSS 0.0032

EPSS Percentile 55.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (4)

google/android 7.0

google/android 7.1.0

google/android 7.1.1

Google Inc./Android Android-7.1.1

Published Mar 08, 2017

Tracked Since Feb 18, 2026