CVE-2018-9474 | Google Android 7/8/8.1/9 MediaPlayer.java writeToParcel deserialization

Posted by Angelo Barbosa | Nov 20, 2024 | CVE

A vulnerability was found in Google Android 7/8/8.1/9. It has been classified as problematic. This affects the function writeToParcel of the file MediaPlayer.java. The manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2018-9474. Local access is required to approach this attack. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2018-9474 | Google Android 7/8/8.1/9 MediaPlayer.java writeToParcel deserialization

Related Posts

CVE-2023-48791 | Fortinet FortiPortal up to 7.0.6/7.2.0 Schedule System Backup Page command injection (FG-IR-23-425)

CVE-2024-23655 | tutao tutanota prior 3.119.10 Email denial of service (GHSA-5h47-g927-629g)

CVE-2018-25099 | CryptX up to 0.061 on Perl Tag Privilege Escalation (Issue 47)

CVE-2024-26648 | Linux Kernel up to 6.6.14/6.7.2 display edp_setup_replay null pointer dereference (22ae604aea14/c02d257c6541/7073934f5d73)