EUVD-2018-19705

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-0556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels...

Linux Distros Unpatched Vulnerability : CVE-2016-2479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buff...

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code (memory corruption).

The vulnerability of the libhevc component in the Android operating system’s Mediaserver is caused by an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code memory corruption...

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Android operating system’s mediaserver component is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

The vulnerability of the Android operating system, which allows a hacker to trigger a service failure

The vulnerability of the Mediaserver component in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service interruptions device freezing and reboots by using a specially crafted file...

UBUNTU-CVE-2017-0381

An information disclosure vulnerability in silk/NLSFstabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product:...

UBUNTU-CVE-2017-0392

A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4,...

How Bugs Lead to a Better Android

Google is used to taking a beating over Android vulnerabilities, but it says too often its hard work fixing vulnerabilities and keeping the platform safe goes unnoticed. “Over the seven years working on Android security vulnerabilities I’ve seen a lot of bugs and a lot of fear uncertainty and...

Google's Android Rewards Program Pays Out Half Million in First Year

Google wrapped up the first year of its Android Security Rewards program this week, a span of time that saw the company pay out just north of half a million dollars to security researchers who helped identify vulnerabilities in the mobile operating system. In all, the company paid 82 researchers ...

CVE-2016-2480

The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the media/libmedia/IOMX.cpp function in the Android operating system’s mediaserver component is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to enhance their privileges through a specially created...

The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the MPEG4Extractor.cpp function in the libstagefright library of the mediaserver component in the Android operating system is due to a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures such as out-of-memory...

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the libcameraservice library in the mediaserver component of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges through a specially created application...

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the Android operating system’s mediaserver component is caused by a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure using a specially created multimedia file...

The vulnerability of the Android operating system, which allows a perpetrator to gain access to protected information or enhance their privileges

The vulnerability of the Android operating system’s mediaserver component is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to enhance their privileges or gain access to protected information...