CVE-2018-9472

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 20, 2024

Updated: Nov 21, 2024

CWE ID 190

Summary

CVE-2018-9472 is an integer overflow vulnerability affecting the xmlMemStrdupLoc function in xmlmemory.c. This issue results in a possible out-of-bounds write, increasing the risk of remote code execution. Remarkably, this exploit can be carried out in an unprivileged process, making user interaction essential for successful exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/WITXsc
https://www.cve.org/CVERecord?id=CVE-2018-9472
https://nvd.nist.gov/vuln/detail/CVE-2018-9472

Back to Vulnerability Database