CVE-2016-1387

The XML API in TelePresence Codec TC 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint CE 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes v...

CVE-2016-1387

Cisco TelePresence TC (Codec) 7.2.x–7.3.x and CE (Collaboration Endpoint) 8.0.x–8.1.x are affected by an authentication bypass in the XML API due to improper authentication implementation. An unauthenticated, remote attacker can bypass XML API authentication and perform configuration changes or i...

The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the H.264 decoder in the libstagefright library of the Android operating system exists due to incorrect processing of the Memory Management Control Operation MMCO data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability

A vulnerability in the XML application programming interface API of Cisco TelePresence Codec TC and Collaboration Endpoint CE Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API. The vulnerability is due to improper...

CVE-2016-0834

An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...

Memory corruption

An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...

CVE-2016-0834

An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...

CVE-2016-0834

An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...

UBUNTU-CVE-2016-0834

An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...

CVE-2016-0834

CVE-2016-0834 affects Android 6.x mediaserver with an unspecified media codec vulnerability that allows remote code execution or memory corruption via a crafted media file (internal bug 26220548). The NVD entry notes a CVSSv3 base score of 8.4 (HIGH) with local attack vector, no privileges, and n...

Android Remote Code Execution Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in the Media Codec in Android versions prior to 6.0 and prior to 6.0.1. A remote attacker can exploit this vulnerability to cau...

April 2016 Google Android Nexus Security Bulletin

Google has patched a vulnerability being exploited in the wild to root Nexus 5 Android devices. The public exploit—a rooting application—was privately disclosed to Google on March 15 by Zimperium researchers, and a less than a month after CORE Team researchers reported that CVE-2015-1805, which w...

Adobe Flash - Zlib Codec Heap Overflow

Adobe Flash - Zlib Codec Heap Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=720 There is a heap overflow in the Zlib codecs used when playing flv files in flash. Sample flv files are attached. Load http://127.0.0.1/LoadMP42.swf?file=smalloverflow.flv to reproduce. Pro...

Adobe Flash - Zlib Codec Heap Overflow

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=720 There is a heap overflow in the Zlib codecs used when playing flv files in flash. Sample flv files are attached. Load http://127.0.0.1/LoadMP42.swf?file=smalloverflow.flv to...

Adobe Flash - Zlib Codec Heap Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=720 There is a heap overflow in the Zlib codecs used when playing flv files in flash. Sample flv files are attached. Load http://127.0.0.1/LoadMP42.swf?file=smalloverflow.flv to reproduce. Proof of Concept:...

[SECURITY] Fedora 23 Update: libvpx-1.4.0-6.fc23

libvpx provides the VP8 SDK, which allows you to integrate your applications with the VP8 video codec, a high quality, royalty free, open source codec deployed on millions of computers and devices worldwide...

JasPer Memory Leak Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A memory leak vulnerability exists in the 'jasiccprofcreatefrombuf' function in JasPer, which can be exploited by remote attackers to cause a denial of service memory consumption...

DEBIAN-CVE-2015-8397

The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM aka GDCM before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service application crash via an embedded JPEG-LS image with dimension...

ffmpeg -- multiple vulnerabilities

NVD reports: The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race conditi...

Vulnerability of Firefox and Firefox ESR browsers, allowing attackers to execute arbitrary code

The vulnerability of the nestegg-trackcodecdata function in Firefox and Firefox ESR browsers is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted WebM video element header...