87 matches found
CVE-2015-3864
CVE-2015-3864 is a remote-code-execution vulnerability in Android’s mediaserver (libstagefright). It arises from an integer underflow when parsing the MPEG-4 tx3g chunk in the Stagefright parser, enabling crafted MPEG-4 data to corrupt memory. The issue is tied to an incomplete fix for CVE-2015-3...
CVE-2015-3824
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via a crafted MPEG-4...
CVE-2015-3824
The entry CVE-2015-3824 concerns MPEG4Extractor::parseChunk in Android’s libstagefright (mediaserver). The flaw arises when processing MP4 tx3g atoms, where size calculations are not properly bounded, enabling remote attackers to cause memory corruption and potentially remote code execution or a ...
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an...
CVE-2015-3828
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark BOM, which allows remote attackers to execute arbitrary code or cause a denial of service integer...
CVE-2015-3824
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via a crafted MPEG-4...
CVE-2015-3829
Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service integer overflow and memory corruption via crafted MPEG-4 covr atoms with a size equal ...