Lucene search
K

87 matches found

CVE
CVE
added 2015/10/01 12:0 a.m.128 views

CVE-2015-3864

CVE-2015-3864 is a remote-code-execution vulnerability in Android’s mediaserver (libstagefright). It arises from an integer underflow when parsing the MPEG-4 tx3g chunk in the Stagefright parser, enabling crafted MPEG-4 data to corrupt memory. The issue is tied to an incomplete fix for CVE-2015-3...

10CVSS7.8AI score0.87125EPSS
Exploits6References8Affected Software1
Cvelist
Cvelist
added 2015/10/01 12:0 a.m.32 views

CVE-2015-3824

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via a crafted MPEG-4...

7.8AI score0.90483EPSS
Exploits0References6
CVE
CVE
added 2015/10/01 12:0 a.m.63 views

CVE-2015-3824

The entry CVE-2015-3824 concerns MPEG4Extractor::parseChunk in Android’s libstagefright (mediaserver). The flaw arises when processing MP4 tx3g atoms, where size calculations are not properly bounded, enabling remote attackers to cause memory corruption and potentially remote code execution or a ...

10CVSS8AI score0.90483EPSS
Exploits0References6Affected Software1
android
android
added 2015/09/01 12:0 a.m.61 views

CVE-2015-3864

Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an...

10CVSS8.1AI score0.90483EPSS
Exploits6References3Affected Software1
android
android
added 2015/08/01 12:0 a.m.42 views

CVE-2015-3828

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark BOM, which allows remote attackers to execute arbitrary code or cause a denial of service integer...

10CVSS8AI score0.85378EPSS
Exploits0References3Affected Software1
android
android
added 2015/08/01 12:0 a.m.42 views

CVE-2015-3824

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via a crafted MPEG-4...

10CVSS8.3AI score0.90483EPSS
Exploits0References3Affected Software1
android
android
added 2015/08/01 12:0 a.m.29 views

CVE-2015-3829

Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via crafted MPEG-4 covr atoms with a size equal ...

10CVSS8.3AI score0.89782EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder