158 matches found
UBUNTU-CVE-2016-2452
codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...
CVE-2016-2459
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and...
Android Mediaserver Arbitrary Code Execution Vulnerability (CNVD-2016-02842)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. An arbitrary code execution vulnerability exists in Android's Mediaserver, which can be exploited by remote attackers to cause memor...
Android Mediaserver Privilege Mobilization Vulnerability (CNVD-2016-02848)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A privilege escalation vulnerability exists in Android's Mediaserver, which can be exploited by a local attacker with the help of a...
Android Mediaserver Privilege Vulnerability
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A privilege escalation vulnerability exists in Android's Mediaserver, which can be exploited by a local attacker with the help of a...
Android Mediaserver Information Disclosure Vulnerability (CNVD-2016-02844)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA in the U.S. Mediaserver is one of the multimedia service components. An information disclosure vulnerability exists in Android's Mediaserver, which can be exploited by attackers to...
CVE-2016-2419
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as...
CVE-2016-2418
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as...
CVE-2016-0839
postproc/volumelistener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25753245...
CVE-2016-0835
decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...
CVE-2016-0834
An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...
UBUNTU-CVE-2016-0839
postproc/volumelistener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25753245...
UBUNTU-CVE-2016-2419
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as...
CVE-2016-0837
MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read and memory corruption via a crafted media file, aka...
Android Mediaserver Remote Code Execution Vulnerability (CNVD-2016-02064)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A remote code execution vulnerability exists in Mediaserver in Android versions prior to 6.0 and 6.0.1. A remote attacker can exploi...
Android Mediaserver Remote Code Execution Vulnerability (CNVD-2016-02058)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA in the U.S. Mediaserver is one of the multimedia service components. A remote code execution vulnerability exists in Android's Mediaserver. A remote attacker could exploit this...
Android Mediaserver Information Disclosure Vulnerability (CNVD-2016-02056)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. An information disclosure vulnerability exists in Android's Mediaserver. An attacker could exploit this vulnerability to disclose...
Android Mediaserver Remote Code Execution Vulnerability (CNVD-2016-02061)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A remote code execution vulnerability exists in Android's Mediaserver. A remote attacker could exploit this vulnerability with a...
Android Mediaserver Remote Code Execution Vulnerability (CNVD-2016-02059)
Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A remote code execution vulnerability exists in Mediaserver in Android versions prior to 6.0 and 6.0.1. A remote attacker can exploi...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or bypass security mechanisms
The vulnerability of the BnGraphicBufferProducer::onTransact function libs/gui/IGraphicBufferConsumer.cpp in the mediaserver component of the Android operating system exists due to the lack of initialization for certain input data structures. Exploiting this vulnerability could allow an attacker ...