In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a...
High severity
Unreviewed
Published
Dec 16, 2021
to the GitHub Advisory Database
•
Updated Aug 17, 2023
Description
Published by the National Vulnerability Database
Dec 15, 2021
Published to the GitHub Advisory Database
Dec 16, 2021
Last updated
Aug 17, 2023
In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621
References