Lucene search
K

6 matches found

NVD
NVD
added 2016/09/11 9:59 p.m.26 views

CVE-2016-3861

LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...

9.3CVSS7.9AI score0.11172EPSS
Exploits1References8
OSV
OSV
added 2016/09/11 9:59 p.m.12 views

CVE-2016-3861

LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...

7.8CVSS7.9AI score
Exploits0References8
CVE
CVE
added 2016/09/11 9:0 p.m.61 views

CVE-2016-3861

CVE-2016-3861 involves LibUtils on Android (4.x up to 4.4.4; 5.x; 6.x up to 2016-09-01; 7.0 before 2016-09-01) where conversions between Unicode encodings of different widths are mishandled, allowing remote code execution or a heap-based buffer overflow via a crafted file. Exploitation is evidenc...

9.3CVSS7.8AI score0.11172EPSS
Exploits1References8Affected Software1
Circl
Circl
added 2016/09/08 12:0 a.m.18 views

CVE-2016-3861

creationtimestamp| type| source ---|---|--- 2016-09-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40354...

9.3CVSS6.8AI score0.11172EPSS
Exploits1References1
GoogleProjectZero
GoogleProjectZero
added 2016/09/07 12:0 a.m.15 views

Return to libstagefright: exploiting libutils on Android

Posted by Mark Brand, Invalidator of Unic�o�d�e I’ve been investigating different fuzzing approaches on some Android devices recently, and this turned up the following rather interesting bug CVE 2016-3861 fixed in the most recent Android Security Bulletin, deep in the bowels of the usermode Andro...

8.2AI score
Exploits0
android
android
added 2016/09/01 12:0 a.m.35 views

CVE-2016-3861

LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...

9.3CVSS8.2AI score0.11172EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder