Unrated severityNVD Advisory· Published Jan 27, 2012· Updated Jun 16, 2026
CVE-2011-3874
CVE-2011-3874
Description
Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3.5:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3.6:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.3:rev1:*:*:*:*:*:*
- (no CPE)range: 2.2.x-2.2.2, 2.3.x-2.3.6
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.