{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "5.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "5.0.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "5.0.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "5.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "5.1.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "5.1.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "6.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "6.0.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.0" } ] } ] } } ], "details": "An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31251826.", "id": "CVE-2016-6762", "modified": "2026-03-13T21:50:23.357912869Z", "published": "2017-01-12T15:59:00.387Z", "references": [ { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/94700" }, { "type": "ADVISORY", "url": "https://source.android.com/security/bulletin/2016-12-01.html" } ], "severity": [ { "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }