6 matches found
CVE-2016-3861
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2016-3861
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2016-3861
CVE-2016-3861 involves LibUtils on Android (4.x up to 4.4.4; 5.x; 6.x up to 2016-09-01; 7.0 before 2016-09-01) where conversions between Unicode encodings of different widths are mishandled, allowing remote code execution or a heap-based buffer overflow via a crafted file. Exploitation is evidenc...
CVE-2016-3861
creationtimestamp| type| source ---|---|--- 2016-09-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40354...
Return to libstagefright: exploiting libutils on Android
Posted by Mark Brand, Invalidator of Unic�o�d�e I’ve been investigating different fuzzing approaches on some Android devices recently, and this turned up the following rather interesting bug CVE 2016-3861 fixed in the most recent Android Security Bulletin, deep in the bowels of the usermode Andro...
CVE-2016-3861
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...