EUVD-2017-4795

Malware in sbrugna...

EUVD-2016-4926

Malware in sbrugna...

CVE-2017-13278

In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...

CVE-2017-13278

In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...

CVE-2017-13278

CVE-2017-13278 affects Android’s MediaPlayerService::Client::notify in MediaPlayerService.cpp, with a use-after-free that can allow local elevation of privilege without extra execution privileges. Impacted Android versions: 6.0–8.1 (6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1). Description notes no u...

Android Mediaserver Conditional Contested Elevation of Privilege Vulnerability

Android is an open source operating system based on Linux. A competitive condition vulnerability exists in the media/libmediaplayerservice/MediaPlayerService.cpp file in Android's Mediaserver, allowing remote attackers to exploit the vulnerability to build malicious applications with elevated...

CVE-2016-3913

media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain staticcast operation, which allows attackers to gain privileges via a crafted...