3 matches found
CVE-2015-3827
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service integer underflow and memory...
CVE-2015-3827
Android Stagefright: CVE-2015-3827 is a vulnerability in libstagefright’s MPEG4 covr handling. The MPEG4Extractor::parseChunk path does not validate the relationship between chunk sizes and skip sizes, causing an integer underflow that can lead to remote code execution or memory corruption via cr...
Google Android Stagefright MP4 Multiple Atoms Integer Underflow (CVE-2015-1539; CVE-2015-3827)
A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...