Neurohazard
Our democracy have been h4ck3d.

特殊构造的 png 图片可以造成 Android 7.0 – 9.0 远程代码执行

wpadmin~February 11, 2019 /InfoSec

特殊构造的 png 图片可以造成 Android 7.0 – 9.0 远程代码执行

基本信息

Opening this image file grants hackers access to your Android phone
https://www.zdnet.com/article/opening-this-image-file-grants-hackers-access-to-your-android-phone/

原始信息来自 Google 2019 年 2 月的 Android 安全更新。

攻击者只要发送一张特殊构造的 PNG 图片到受害者手机即可完成漏洞利用。
CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988

Google Android ‘Framework’ Component Multiple Remote Code Execution Vulnerabilities
https://www.anquanke.com/vul/id/1471757
https://www.securityfocus.com/bid/106842

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.