VYPR
Unrated severityNVD Advisory· Published Jan 27, 2012· Updated Jun 16, 2026

CVE-2011-3874

CVE-2011-3874

Description

Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • Google/Android13 versions
    cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3.5:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3.6:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:2.3:rev1:*:*:*:*:*:*
    • (no CPE)range: 2.2.x-2.2.2, 2.3.x-2.3.6

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.