Lucene search
K

87 matches found

NVD
NVD
added 2019/09/27 7:15 p.m.20 views

CVE-2019-9262

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

8.8CVSS8.8AI score0.00725EPSS
Exploits0References1
OSV
OSV
added 2019/09/27 7:15 p.m.3 views

CVE-2019-9262

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

8.8CVSS7.7AI score0.00725EPSS
Exploits0References1
Prion
Prion
added 2019/09/27 7:15 p.m.13 views

Integer overflow

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

6.8CVSS9AI score0.00725EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/27 6:5 p.m.22 views

CVE-2019-9262

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

9.1AI score0.00725EPSS
Exploits0References1
CVE
CVE
added 2019/09/27 6:5 p.m.49 views

CVE-2019-9262

CVE-2019-9262 affects the MPEG4Extractor component in Android 10 media extraction. The issue is an out-of-bounds write caused by an integer overflow in MPEG4Extractor, potentially enabling remote code execution in the media extractor. Exploitation requires user interaction. Impact stated as RCE w...

8.8CVSS9AI score0.00725EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/12 11:29 p.m.20 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...

7.8CVSS7.3AI score0.0173EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/01/12 11:0 p.m.21 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...

7.4AI score0.0173EPSS
Exploits0References3
OSV
OSV
added 2016/07/11 2:0 a.m.0 views

CVE-2016-3766

MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not check whether memory allocation succeeds, which allows remote attackers to cause a denial of service device hang or reboot via a crafted file...

7.5CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2016/07/11 2:0 a.m.2 views

UBUNTU-CVE-2016-3766

MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not check whether memory allocation succeeds, which allows remote attackers to cause a denial of service device hang or reboot via a crafted file...

7.5CVSS7.2AI score0.01142EPSS
Exploits0References3
android
android
added 2016/04/02 12:0 a.m.27 views

CVE-2016-0837

MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read and memory corruption via a crafted media file, aka...

10CVSS8.9AI score0.02018EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2016/03/12 9:59 p.m.6 views

UBUNTU-CVE-2016-0815

The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file...

9.8CVSS7.7AI score0.02822EPSS
Exploits0References3
NVD
NVD
added 2016/03/12 9:59 p.m.20 views

CVE-2016-0815

The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file...

10CVSS9.5AI score0.02822EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2015/12/25 12:0 a.m.49 views

thunderbird: multiple issues

CVE-2015-7201 cross-origin restriction bypass using data: and view-source: uri scheme: Security researcher Tsubasa Iinuma reported a mechanism to violate same-origin policy to content using data: and view-source: URIs to confuse protections and bypass restrictions. This resulted in the ability to...

10CVSS0.3AI score0.06058EPSS
Exploits1References6
NVD
NVD
added 2015/12/16 11:59 a.m.14 views

CVE-2015-7213

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

6.8CVSS6.4AI score0.04075EPSS
Exploits0References22
Cvelist
Cvelist
added 2015/12/16 11:0 a.m.24 views

CVE-2015-7213

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

8.2AI score0.04075EPSS
Exploits0References22
CVE
CVE
added 2015/12/16 11:0 a.m.151 views

CVE-2015-7213

CVE-2015-7213 is an integer overflow in MPEG4Extractor::readMetaData within libstagefright used by Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms. A crafted MP4 file could trigger a buffer/memory overflow, enabling remote code execution. Public advisories from mu...

6.8CVSS8.1AI score0.04075EPSS
Exploits0References22Affected Software2
UbuntuCve
UbuntuCve
added 2015/12/15 12:0 a.m.28 views

CVE-2015-7213

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

6.8CVSS7.1AI score0.04075EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/10/13 12:0 a.m.5 views

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the MPEG4Extractor::parseChunk function in the libstagefright library of the Android operating system is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using specially crafted MPEG-4...

9.3CVSS6.3AI score0.81143EPSS
Exploits0References3
NVD
NVD
added 2015/10/01 12:59 a.m.20 views

CVE-2015-3864

Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an...

10CVSS7.7AI score0.87125EPSS
Exploits6References8
NVD
NVD
added 2015/10/01 12:59 a.m.23 views

CVE-2015-3829

Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via crafted MPEG-4 covr atoms with a size equal ...

10CVSS7.9AI score0.89782EPSS
Exploits0References6
Rows per page
Query Builder