High severity8.4NVD Advisory· Published Apr 18, 2016· Updated Jun 17, 2026
CVE-2016-0849
CVE-2016-0849
Description
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
- (no CPE)range: 5.0.x < 5.0.2, 5.1.x < 5.1.1, 6.x < 2016-04-01
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.