VDB
CVE-2019-1996
CVE-2019-1996
PUBLISHED
CVSS 3.299999952316284 LOW
In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-111451066.
EPSS 0.16% · 37.2th percentile
Risk Scores
CVSS 2.0
3.299999952316284
EPSS Score
0.16%
37.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| android | 8.0, 8.1, 9.0 | |
| Android | Android | Android-8.0 Android-8.1 Android-9 |
Exploit Intelligence
- https://source.android.com/security/bulletin/2019-02-01 (circl)
- 106946 (circl)
Timeline
- Feb 5, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score