10 matches found
web.ff.cuni.cz Cross Site Scripting vulnerability OBB-3407212
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Google Android 5.0 < 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Android Stagefright MP4 tx3g Integer Overflow", 'Description' = %q This module exploits a integer overflow vulnerability in the...
Android Stagefright MP4 tx3g Integer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Android Stagefright MP4 tx3g Integer Overflow", 'Description' = %q This module exploits a integer overflow vulnerability in the...
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an...
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an...
CVE-2015-3864
CVE-2015-3864 is a remote-code-execution vulnerability in Android’s mediaserver (libstagefright). It arises from an integer underflow when parsing the MPEG-4 tx3g chunk in the Stagefright parser, enabling crafted MPEG-4 data to corrupt memory. The issue is tied to an incomplete fix for CVE-2015-3...
CVE-2015-3864
creationtimestamp| type| source ---|---|--- 2015-09-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38226 2016-09-27 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40436 2016-09-27 19:42:42+00:00| published-proof-of-concept| https://t.me/canyoupwnme/91 2018-05-29...
Stagefrightened?
Posted by Mark Brand, Bypasser of Mitigations There’s been a lot of attention recently around a number of vulnerabilities in Android’s libstagefright. There’s been a lot of confusion about the remote exploitability of the issues, especially on modern devices. In this blog post we will demonstrate...
Nexus Security Bulletin - September 2015Stay organized with collectionsSave and categorize content based on your preferences.
We have released a security update to Nexus devices through an over-the-air OTA update as part of our Android Security Bulletin Monthly Release process Build LMY48M. The updates for Nexus devices and source code patches for these issues have also been released to the Android Open Source Project...
Incomplete 'Stagefright' Security Patch Leaves Android Vulnerable to Text Hack
Wanna hack someone's Android smartphone by sending just an MMS message? Yes, you can, because Google's patch for the Stagefright vulnerability in hundreds of Millions of Android devices is BUGGY. Last week, Google issued an official patch for Stagefright vulnerability that affects 95 percent of...