U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2016-5348

Change History

Modified Analysis by NIST 10/12/2016 12:02:41 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
          *cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Added CWE

								
							
							
						
CWE-399
Changed Reference Type
http://source.android.com/security/bulletin/2016-10-01.html No Types Assigned
http://source.android.com/security/bulletin/2016-10-01.html Vendor Advisory
Changed Reference Type
https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b No Types Assigned
https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b Patch
Changed Reference Type
https://code.google.com/p/android/issues/detail?id=213747 No Types Assigned
https://code.google.com/p/android/issues/detail?id=213747 Permissions Required
Changed Reference Type
https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/ No Types Assigned
https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/ Third Party Advisory, Technical Description, Exploit, Patch