Candidate: CVE-2017-0647
PublicDate: 2017-06-14 13:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0647
 https://source.android.com/security/bulletin/2017-06-01
Description:
 An information disclosure vulnerability in libziparchive could enable a
 local malicious application to access data outside of its permission
 levels. This issue is rated as Moderate because it could be used to access
 sensitive data without permission. Product: Android. Versions: 5.0.2,
 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36392138.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N [5.5 MEDIUM]

Patches_android:
upstream_android: needs-triage
precise/esm_android: DNE
trusty_android: ignored (abandoned)
trusty/esm_android: DNE (trusty was ignored [abandoned])
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
vivid/ubuntu-core_android: DNE
xenial_android: ignored (abandoned)
yakkety_android: ignored (reached end-of-life)
zesty_android: ignored (reached end-of-life)
artful_android: DNE
bionic_android: DNE
cosmic_android: DNE
disco_android: DNE
eoan_android: DNE
focal_android: DNE
groovy_android: DNE
hirsute_android: DNE
impish_android: DNE
jammy_android: DNE
devel_android: DNE

Patches_android-platform-system-core:
upstream_android-platform-system-core: released (1:7.0.0+r33-2)
precise/esm_android-platform-system-core: DNE
trusty_android-platform-system-core: DNE
trusty/esm_android-platform-system-core: DNE
vivid/stable-phone-overlay_android-platform-system-core: DNE
vivid/ubuntu-core_android-platform-system-core: DNE
xenial_android-platform-system-core: ignored (end of standard support, was needed)
yakkety_android-platform-system-core: ignored (reached end-of-life)
zesty_android-platform-system-core: ignored (reached end-of-life)
artful_android-platform-system-core: ignored (reached end-of-life)
bionic_android-platform-system-core: not-affected (1:7.0.0+r33-2)
cosmic_android-platform-system-core: ignored (reached end-of-life)
disco_android-platform-system-core: not-affected (1:7.0.0+r33-2)
eoan_android-platform-system-core: not-affected (1:7.0.0+r33-2)
focal_android-platform-system-core: not-affected (1:7.0.0+r33-2)
groovy_android-platform-system-core: not-affected (1:7.0.0+r33-2)
hirsute_android-platform-system-core: not-affected (1:7.0.0+r33-2)
impish_android-platform-system-core: not-affected (1:7.0.0+r33-2)
jammy_android-platform-system-core: not-affected (1:7.0.0+r33-2)
devel_android-platform-system-core: not-affected (1:7.0.0+r33-2)