158 matches found
Android Mediaserver Absolute Service Vulnerability (CNVD-2016-07433)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A security vulnerability exists in Android Mediaserver, which allows remote attackers to build malicious applications that can be exploited to trick users into parsing, which can crash...
Android Mediaserver Denial of Service Vulnerability (CNVD-2016-07432)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A security vulnerability exists in Android Mediaserver, which allows remote attackers to build malicious applications that can be exploited to trick users into parsing, which can crash...
Android Mediaserver Denial of Service Vulnerability (CNVD-2016-07431)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A security vulnerability exists in Android Mediaserver, which allows remote attackers to build malicious applications that can be exploited to trick users into parsing, which can crash...
CVE-2016-3819
Integer overflow in codecs/on2/h264dec/source/h264bsddpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...
UBUNTU-CVE-2016-3844
mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28299517...
UBUNTU-CVE-2016-3824
omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted application, aka internal bug 28816827...
UBUNTU-CVE-2016-3820
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 mishandles slice numbers, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28673410...
CVE-2016-3824
CVE-2016-3824 covers a Mediaserver elevation of privilege flaw in Android’s mediaserver (libstagefright), where OMXNodeInstance.cpp in OMX buffer port handling is unvalidated. A crafted application could exploit this local issue to gain privileges. Affected are Android 4.x before 4.4.4, 5.0.x bef...
Google Android Mediaserver Remote Code Execution Vulnerability (CNVD-2016-06119)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA in the U.S. Mediaserver is one of the multimedia service components. A remote code execution vulnerability exists in Mediaserver in Android. A remote attacker could exploit this...
Google Android Mediaserver elevation of privilege vulnerability (CNVD-2016-06126)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A security vulnerability exists in Mediaserver in Android, which can be exploited by a remote attacker to build special applications, induce application parsing, and elevate privileges...
Google Android Mediaserver Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. An elevation of privilege vulnerability exists in Mediaserver in Android. An attacker can exploit this vulnerability to execute...
Android Mediaserver Denial of Service Vulnerability (CNVD-2016-06012)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A denial of service vulnerability exists in Mediaserver in Android. The vulnerability can be exploited to cause a device to hang or...
Android Mediaserver Information Disclosure Vulnerability (CNVD-2016-04824)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. An information disclosure vulnerability exists in Mediaserver in version 4.x of Android prior to 4.4.4, which can be exploited by...
CVE-2016-3765
decoder/impeg2dbitstream.c in mediaserver in Android 6.x before 2016-07-01 allows attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read via a crafted application, aka internal bug 28168413...
CVE-2016-3755
decoder/ih264dparsepslice.c in mediaserver in Android 6.x before 2016-07-01 does not properly select concealment frames, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28470138...
CVE-2016-3753
mediaserver in Android 4.x before 4.4.4 allows remote attackers to obtain sensitive information via unspecified vectors, aka internal bug 27210135...
CVE-2016-3743
decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 27907656...
CVE-2016-2505
mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28333006...
Design/Logic Flaw
Use-after-free vulnerability in the mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem...
UBUNTU-CVE-2016-3741
The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165661...