- Description
- In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
- Hype score
- Not currently trending
CVE-2024-40673 01/28/2025 08:15:49 PM In Source of https://t.co/5nQLrfBmS3, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper ... https://t.co/SjhxaYVx9N
@CVETracker
29 Jan 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-40673 Remote Code Execution in Source of https://t.co/4A6rHpspbH via Dynamic Code Loading https://t.co/d3rliCvupT
@VulmonFeeds
28 Jan 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-40673 In Source of https://t.co/Ix1yUZ3yKs, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. Th… https://t.co/VTuyrHsbrV
@CVEnew
28 Jan 2025
298 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes