CVE-2020-0192
MEDIUMAndroid 10 - Out-of-bounds Read in ih264d_decode_slice_thread
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-0192. PoCs published by himanshu67111.
AI-analyzed exploit summary This is a proof-of-concept exploit for CVE-2020-0192, a vulnerability in the Android media framework's H.264 decoder. The code demonstrates a heap-based buffer overflow in the `ih264d_process_pslice.c` file, which can lead to remote code execution.
Description
In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144687080
Exploits (1)
This is a proof-of-concept exploit for CVE-2020-0192, a vulnerability in the Android media framework's H.264 decoder. The code demonstrates a heap-based buffer overflow in the `ih264d_process_pslice.c` file, which can lead to remote code execution.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N