58 matches found
UBUNTU-CVE-2017-0396
An information disclosure vulnerability in visualizer/EffectVisualizer.cpp in libeffects in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission...
CVE-2017-0384
An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...
CVE-2017-0396
An information disclosure vulnerability in visualizer/EffectVisualizer.cpp in libeffects in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission...
CVE-2017-0399
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...
CVE-2017-0400
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without...
CVE-2017-0396
CVE-2017-0396 is an information-disclosure vulnerability in Android’s Mediaserver. It affects Mediaserver’s libeffects component (visualizer/EffectVisualizer.cpp) and could allow a local malicious app to access data beyond its permission level. Affected versions span Android 4.4.4 through 7.1.1. ...
CVE-2017-0399
CVE-2017-0399 describes an information-disclosure vulnerability in the Qualcomm audio post processor path: libeffects at lvm/wrapper/Bundle/EffectBundle.cpp. It could allow a local malicious Android app to access data outside its permission level. Affected Android versions are 5.0.2, 5.1.1, 6.0, ...
CVE-2017-0401
CVE-2017-0401 is an information-disclosure vulnerability in the Qualcomm audio post-processor path (lvm/wrapper/Bundle/EffectBundle.cpp in libeffects). A locally running malicious application could access data outside its permissions on Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, and 7.1.1. T...
CVE-2017-0402
CVE-2017-0402 describes an information disclosure vulnerability in Audioserver (libeffects, path lvm/wrapper/Bundle/EffectBundle.cpp) that could allow a local malicious Android app to access data outside its permission levels. Affected products/versions include Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6...
Android mediaserver integer overflow vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. mediaserver is one of the multimedia service components. An integer overflow vulnerability exists in libeffects in Android's mediaserver. An attacker can exploit this vulnerability...
CVE-2016-0827
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...
CVE-2016-0827
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...
Integer overflow
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...
UBUNTU-CVE-2016-0827
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...
CVE-2015-3842
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516...
Heap overflow
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516...
CVE-2015-3842
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516...
CVE-2015-3842
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516...