Stack-based Buffer Overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6

Stack-based Buffer Overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6

CVE-2011-3874 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error.

Learn more about our Cis Benchmark Audit For Google Android.