Candidate: CVE-2017-0476
PublicDate: 2017-03-08 01:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0476
 https://source.android.com/security/bulletin/2017-03-01.html
Description:
 A remote code execution vulnerability in AOSP Messaging could enable an
 attacker using a specially crafted file to cause memory corruption during
 media file and data processing. This issue is rated as High due to the
 possibility of remote code execution within the context of an unprivileged
 process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID:
 A-33388925.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]

Patches_android:
upstream_android: needs-triage
precise_android: DNE
precise/esm_android: DNE
trusty_android: ignored (abandoned)
trusty/esm_android: DNE (trusty was ignored [abandoned])
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
vivid/ubuntu-core_android: DNE
xenial_android: ignored (abandoned)
yakkety_android: ignored (reached end-of-life)
zesty_android: ignored (reached end-of-life)
artful_android: DNE
bionic_android: DNE
devel_android: DNE