957 matches found
CVE-2015-6598
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23306638...
CVE-2015-3876
libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a 1 MP3 or 2 MP4 file...
CVE-2015-6602
libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a 1 MP3 or 2 MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x...
CVE-2014-7916
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342751...
CVE-2014-7915
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15328708...
CVE-2015-3827
Android Stagefright: CVE-2015-3827 is a vulnerability in libstagefright’s MPEG4 covr handling. The MPEG4Extractor::parseChunk path does not validate the relationship between chunk sizes and skip sizes, causing an integer underflow that can lead to remote code execution or memory corruption via cr...
CVE-2015-3832
CVE-2015-3832: Affects Android devices with vulnerable libstagefright code (MPEG4Extractor.cpp) prior to 5.1.1 LMY48I. Multiple buffer overflows allow remote attackers to execute arbitrary code via invalid NAL unit size values in MP4 data; the vulnerability is tied to the MP4/Stagefright processi...
CVE-2015-6600
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 22882938...
CVE-2015-1538
CVE-2015-1538 affects libstagefright (Android) via an integer overflow in the SampleTable::setSampleToChunkParams handling of MP4 atoms. The issue occurs in libstagefright before Android 5.1.1 LMY48I and can enable remote code execution through crafted MP4 data. The documented impact is remote co...
CVE-2015-3834
Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a heap-based buffer overflow, aka internal bug...
CVE-2015-6575
SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via crafted atoms in MP4 data, aka internal bug 20139950, a...
CVE-2015-3827
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service integer underflow and memory...
Stagefrightened?
Posted by Mark Brand, Bypasser of Mitigations There’s been a lot of attention recently around a number of vulnerabilities in Android’s libstagefright. There’s been a lot of confusion about the remote exploitability of the issues, especially on modern devices. In this blog post we will demonstrate...
Mozilla Firefox < 38.0 Multiple Vulnerabilities
Binary data 8865.prm...
Android Stagefright Media Playback Engine 远程代码执行漏洞
No description provided by source. !/usr/bin/env python Joshua J. Drake @jduck of ZIMPERIUM zLabs Shout outs to our friends at Optiv formerly Accuvant Labs C Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 www.zimperium.com Exploit for RCE Vulnerability CVE-2015-1538 1 Integer...
Android Stagefright Remote Code Execution
!/usr/bin/env python Joshua J. Drake @jduck of ZIMPERIUM zLabs Shout outs to our friends at Optiv formerly Accuvant Labs C Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 www.zimperium.com Exploit for RCE Vulnerability CVE-2015-1538 1 Integer Overflow in the libstagefright MP4 ‘sts...
Android Stagefright - Remote Code Execution Exploit
Exploit for Android platform in category remote exploits !/usr/bin/env python Joshua J. Drake @jduck of ZIMPERIUM zLabs Shout outs to our friends at Optiv formerly Accuvant Labs C Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 www.zimperium.com Exploit for RCE Vulnerability...
Google Android - Stagefright Remote Code Execution
Google Android - Stagefright Remote Code Execution !/usr/bin/env python Joshua J. Drake @jduck of ZIMPERIUM zLabs Shout outs to our friends at Optiv formerly Accuvant Labs C Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 www.zimperium.com Exploit for RCE Vulnerability CVE-2015-153...
Google Android - 'Stagefright' Remote Code Execution
!/usr/bin/env python Joshua J. Drake @jduck of ZIMPERIUM zLabs Shout outs to our friends at Optiv formerly Accuvant Labs C Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 www.zimperium.com Exploit for RCE Vulnerability CVE-2015-1538 1 Integer Overflow in the libstagefright MP4 ‘sts...
SUSE-SU-2015:1476-1 Security update for MozillaFirefox, mozilla-nss
Mozilla Firefox was updated to version 38.2.1 ESR to fix several critical and non critical security vulnerabilities. - Firefox was updated to 38.2.1 ESR bsc943608 MFSA 2015-94/CVE-2015-4497 bsc943557 Use-after-free when resizing canvas element during restyling MFSA 2015-95/CVE-2015-4498 bsc943558...