11 matches found
EUVD-2019-11768
Malware in sbrugna...
Denial Of Service (DoS)
libvpx.so is vulnerable to denial of service DoS. The vulnerability exists because of lack of proper validation of input parameters in mkvparser.cc, leading to a resource consumption and application crash...
Remote Code Execution
libvpx.so is vulnerable to remote code execution. The ParseContentEncodingEntry function of mkvparser.cc does not reset of a freed pointer. causing a double free memory corruption and subsequently allowing to trigger a remote code execution...
CVE-2019-2126
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
Double free
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2019-2126
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2019-2126
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2019-2126
CVE-2019-2126: In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer, which could enable remote code execution with no extra privileges. Reported across libvpx usage in Android packages: Android-7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9. User...
Double free
In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2018-9553
In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2018-9553
CVE-2018-9553 : In MasteringMetadata::Parse of mkvparser.cc, a double-free can occur due to an insecure default value, enabling remote code execution. Affected: Android devices/versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9. Exploitation requires user interaction (local attack). Evidence ties this CVE ...