Lucene search
K

963 matches found

NVD
NVD
added 2015/10/01 12:59 a.m.21 views

CVE-2015-3845

The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...

6.8CVSS6.3AI score0.00607EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2015/10/01 12:59 a.m.43 views

CVE-2015-1528

Integer overflow in the nativehandlecreate function in libcutils/nativehandle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service Binder heap memory corruption via a crafted application, aka internal bug 19334482...

9.3CVSS5.9AI score0.02742EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/10/01 12:59 a.m.33 views

CVE-2015-1538

Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related...

10CVSS7.6AI score0.99064EPSS
Exploits6References5
Prion
Prion
added 2015/10/01 12:59 a.m.22 views

Design/Logic Flaw

The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...

6.8CVSS6.8AI score0.00607EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2015/10/01 12:59 a.m.18 views

Integer overflow

Integer overflow in the nativehandlecreate function in libcutils/nativehandle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service Binder heap memory corruption via a crafted application, aka internal bug 19334482...

9.3CVSS7.3AI score0.02742EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2015/10/01 12:59 a.m.5 views

UBUNTU-CVE-2015-1528

Integer overflow in the nativehandlecreate function in libcutils/nativehandle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service Binder heap memory corruption via a crafted application, aka internal bug 19334482...

9.3CVSS5.8AI score0.02742EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2015/10/01 12:59 a.m.40 views

CVE-2015-3845

The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...

6.8CVSS5.9AI score0.00607EPSS
Exploits0References3
OSV
OSV
added 2015/10/01 12:59 a.m.7 views

UBUNTU-CVE-2015-3845

The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...

6.8CVSS5.8AI score0.00607EPSS
Exploits0References4
CVE
CVE
added 2015/10/01 12:0 a.m.62 views

CVE-2015-3845

CVE-2015-3845 affects Android Binder’s Parcel handling: the Parcel::appendFrom function in libs/binder/Parcel.cpp does not consider parcel boundaries when identifying binder objects, in Android versions before 5.1.1 LMY48M. The underlying flaw can allow a crafted application to obtain privileges ...

6.8CVSS6.5AI score0.00607EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/10/01 12:0 a.m.23 views

CVE-2015-3845

The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...

6.3AI score0.00607EPSS
Exploits0References2
myhack58
myhack58
added 2015/09/01 12:0 a.m.33 views

Android-libcutils library integer overflow leading to heap damage vulnerability discovery and exploit-vulnerability warning-the black bar safety net

Before reading this article, you best understand the Android Binder mechanism, for graphics system BufferQueue principle, the heap Manager jemalloc the basic principles. This article describes how to use the libcutils library stack damage vulnerability get systemserver permissions, this...

1.4AI score
Exploits0
myhack58
myhack58
added 2015/08/04 12:0 a.m.16 views

Android tremble! Black Hat2015 hacker conference to be announced 6 security a threat-vulnerability warning-the black bar safety net

For phone control and information security of the party, the Black Hat, the world's top hacker conference is certainly not to be missed, each time the General Assembly will burst a lot of interesting things, such as this opening in the United States, held Black Hat 2 0 1 5, the“fresh”security...

0.1AI score
Exploits0
myhack58
myhack58
added 2015/07/18 12:0 a.m.29 views

Android very hurt: the Black Hat 2 0 1 5 hacker conference will be the announcement of the 6 mobile security threats-vulnerability warning-the black bar safety net

Black Hat 2 0 1 5 held soon, now with the small series together see see next month at Black Hat USA posted some of the Android security threat. 6 4-bit Android Root Recently a lot about the smartphone Root will cause the phone to much more dangerous debate. But we hope that cyber criminals would...

8.7AI score
Exploits0
securityvulns
securityvulns
added 2015/04/19 12:0 a.m.59 views

CVE-2014-7953 Android backup agent code execution

Android backup agent arbitrary code execution --------------------------------------------- The Android backup agent implementation was vulnerable to privilege escalation and race condition. An attacker with adb shell access could run arbitrary code as the system 1000 user or any other valid...

0.1AI score0.01074EPSS
Exploits6
myhack58
myhack58
added 2014/11/13 12:0 a.m.33 views

[CVE-2 0 1 4-3 1 0 0]Android KeyStore stack overflow vulnerability analysis-vulnerability warning-the black bar safety net

CVE-2 0 1 4-3 1 0 0 is Android platform KeyStore to a stack overflow vulnerability. This vulnerability is the last 9 month by IBM of the two engineers found and reported to Google, in year 6, on 2 3, is disclosed. After the public, Google also released a vulnerability test code. So what is a...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.137 views

Linux ARM - Local Root Exploit

No description provided by source. / Just a lame binder local root exploit stub. Somewhat messy but whatever. The bug was reported in CVE-2013-6282. Tested on Android 4.2.2 and 4.4. Kernels 3.0.57, 3.4.5 and few more. All up to 3.4.5 unpatched should be vulnerable. You need to customize the...

7.2CVSS0.39711EPSS
Exploits9
The Hacker News
The Hacker News
added 2014/03/05 11:48 p.m.13 views

Symantec discovered Android Malware Toolkit named Dendroid

Android platform is becoming vulnerable day by day and hackers always try to manipulate android by applying novel techniques. In this regard, Symantec researchers have found a new android malware toolkit named “Dendroid”. Previously Symantec found an Android Remote admin tool named AndroRAT is...

7AI score
Exploits0
exploitpack
exploitpack
added 2014/02/11 12:0 a.m.78 views

Linux Kernel 3.4.5 (Android 4.2.24.4 ARM) - Local Privilege Escalation

Linux Kernel 3.4.5 Android 4.2.24.4 ARM - Local Privilege Escalation / Just a lame binder local root exploit stub. Somewhat messy but whatever. The bug was reported in CVE-2013-6282. Tested on Android 4.2.2 and 4.4. Kernels 3.0.57, 3.4.5 and few more. All up to 3.4.5 unpatched should be vulnerabl...

7.2CVSS1.4AI score0.39711EPSS
Exploits9
Exploit DB
Exploit DB
added 2014/02/11 12:0 a.m.336 views

Linux Kernel < 3.4.5 (Android 4.2.2/4.4 ARM) - Local Privilege Escalation

/ Just a lame binder local root exploit stub. Somewhat messy but whatever. The bug was reported in CVE-2013-6282. Tested on Android 4.2.2 and 4.4. Kernels 3.0.57, 3.4.5 and few more. All up to 3.4.5 unpatched should be vulnerable. You need to customize the addresses so that they match the target...

8.8CVSS9.2AI score0.39711EPSS
Exploits9
n0where
n0where
added 2014/01/23 6:31 p.m.210 views

Advanced File Binder: Rakabulle

Advanced File Binder from DarkComet RAT Developer Rakabulle in one word is a file binder from DarkComet RAT Developer with few novel features which could transform a simple binder program to something very complex. What is a file binder? In few words a file binder is a tiny tool which allows...

8.2AI score
Exploits0
Rows per page
Query Builder