[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Android KeyStore Stack Buffer Overflow (CVE-2014-3100)

To: bugtraq@xxxxxxxxxxxxxxxxx, fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Android KeyStore Stack Buffer Overflow (CVE-2014-3100)
From: Roee Hay <roeeh@xxxxxxxxxx>
Date: Mon, 23 Jun 2014 21:49:48 +0300

Hi,

We have discovered a stack-based buffer overflow in the Android
KeyStore service which affects Android 4.3 and below. The issue was
patched in Android 4.4.

The vulnerability is identified as CVE-2014-3100.

More details are available at:

1. Blog post: http://ibm.co/1pbk4yH
2. Advisory: http://slidesha.re/1nxBnmY

-Roee

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: Re: [FD] keybase.io
Next by Date: [FD] Session Hijack Vulnerabilty on ebays german want ad?
Previous by thread: [FD] Fwd: CFP ekoparty 2014
Next by thread: [FD] Session Hijack Vulnerabilty on ebays german want ad?
Index(es):
- Date
- Thread