{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T10:30:36.349","vulnerabilities":[{"cve":{"id":"CVE-2017-13257","sourceIdentifier":"security@android.com","published":"2018-04-04T17:29:00.740","lastModified":"2024-11-21T03:11:14.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after free that can result in an out of bounds read of memory allocated via malloc. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110692."},{"lang":"es","value":"En bta_pan_data_buf_ind_cback en bta_pan_act.cc, hay un uso de memoria previamente liberada que puede resultar en una lectura fuera de límites de memoria asignada mediante malloc. Esto podría llevar a una divulgación de información sin necesitar privilegios de ejecución adicionales. No se necesita interacción del usuario para explotarlo. Producto: Android. Versiones: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110692."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","matchCriteriaId":"B1D94CDD-DE7B-444E-A3AE-AE9C9A779374"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E70C6D8D-C9C3-4D92-8DFC-71F59E068295"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","matchCriteriaId":"691FA41B-C2CE-413F-ABB1-0B22CB322807"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","matchCriteriaId":"09E6085C-A61E-4A89-BF80-EDD9A7DF1E47"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","matchCriteriaId":"D835D592-2423-44C6-804A-3AD010112E7C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","matchCriteriaId":"568E2561-A068-46A2-B331-BBA91FC96F0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","matchCriteriaId":"B578E383-0D77-4AC7-9C81-3F0B8C18E033"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","matchCriteriaId":"B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103253","source":"security@android.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-03-01","source":"security@android.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103253","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-03-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}