Android KeyStore Stack Buffer Overflow (CVE-2014-3100)

From: Roee Hay <roeeh@il.ibm.com>
To: bugtraq@securityfocus.com,fulldisclosure@seclists.org
Cc:
Subject: Android KeyStore Stack Buffer Overflow (CVE-2014-3100)
Date:


Hi,

We have discovered a stack-based buffer overflow in the Android
KeyStore service which affects Android 4.3 and below. The issue was
patched in Android 4.4.

The vulnerability is identified as CVE-2014-3100.

More details are available at:

1. Blog post: http://ibm.co/1pbk4yH
2. Advisory: http://slidesha.re/1nxBnmY

-Roee





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.