CVE-2016-6716

Publication date 25 November 2016

Last updated 24 July 2024


Ubuntu priority

Negligible

Why this priority?

Cvss 3 Severity Score

5.5 · Medium

Score breakdown

An elevation of privilege vulnerability in the AOSP Launcher in Android 7.0 before 2016-11-01 could allow a local malicious application to create shortcuts that have elevated privileges without the user's consent. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission). Android ID: A-30778130.

Status

Package Ubuntu Release Status
android 18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Ignored end of life
16.10 yakkety Ignored end of life
16.04 LTS xenial Ignored abandoned
14.04 LTS trusty Not in release
12.04 LTS precise Not in release

Severity score breakdown

Parameter Value
Base score 5.5 · Medium
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality None
Integrity impact High
Availability impact None
Vector CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N