CVE-2016-2485

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...

CVE-2016-2484

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...

UBUNTU-CVE-2016-2485

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...

UBUNTU-CVE-2016-2484

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...

Security update for MozillaFirefox, mozilla-nss (important)

This update to Mozilla Firefox 47 fixes the following issues boo983549: Security fixes: - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free deletin...

VideoLAN VLC Media Player 2.2.1 - DecodeAdpcmImaQT Buffer Overflow

VideoLAN VLC Media Player 2.2.1 - DecodeAdpcmImaQT Buffer Overflow In modules/codec/adpcm.c, VLC can be made to perform an out-of-bounds write with user-controlled input. The function DecodeAdpcmImaQT at adpcm.c:595 allocates a buffer which is filled with bytes from the input stream. However, it...

VLC -- Possibly remote code execution via crafted file

The VLC project reports: Fix out-of-bound write in adpcm QT IMA codec CVE-2016-5108...

Cisco TelePresence XML API HTTP Request Handling Authentication Bypass (cisco-sa-20160504-tpxml)

The remote host is running a version of Cisco TelePresence Codec TC that is 7.2.x prior to 7.3.6 or a version of Cisco Collaboration Endpoint CE software that is 8.x prior 8.1.1. It is, therefore, affected by an authentication bypass vulnerability in the XML application programming interface API ...

The vulnerability of the Android operating system, which allows a hacker to trigger a service failure

The vulnerability of Qualcomm’s hardware video codec in the Android operating system exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to trigger a service failure device reboot using a specially crafted file...

CVE-2016-2454

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service reboot via a crafted file, aka internal bug 26221024...

CVE-2016-2454

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service reboot via a crafted file, aka internal bug 26221024...

CVE-2016-2451

codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

CVE-2016-2454

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service reboot via a crafted file, aka internal bug 26221024...

UBUNTU-CVE-2016-2454

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service reboot via a crafted file, aka internal bug 26221024...

UBUNTU-CVE-2016-2451

codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

CVE-2016-2454

The CVE-2016-2454 entry describes a denial-of-service vulnerability in the Qualcomm hardware video codec used by Android on Nexus 5 devices prior to 2016-05-01. A crafted media/file could trigger memory corruption in the mediaserver path and cause the device to reboot, allowing remote attackers t...

CVE-2016-2454

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service reboot via a crafted file, aka internal bug 26221024...

Cisco TelePresence Codec and Collaboration Endpoint Software Authentication Bypass Vulnerability

Cisco TelePresence is the United States Cisco Cisco company's set of video conferencing solutions known as "telepresence" system. TelePresence Codec TC and Collaboration Endpoint CE software are two of the endpoint software. Software are two of the endpoint software. An authentication bypass...

Android Qualcomm Hardware Codec Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm Hardware Codec is one of the Qualcomm hardware codecs. A denial of service vulnerability exists in Android's Qualcomm Hardware Codec, which can be exploited by remote...

Command injection

The XML API in TelePresence Codec TC 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint CE 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes v...