Linux Distros Unpatched Vulnerability : CVE-2016-3824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not...

The vulnerability of the libstagefright library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the libstagefright library in the Media Framework of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Google Android Mediaserver Denial of Service Vulnerability (CNVD-2017-02255)

Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. A denial of service vulnerability exists in VBRISeeker.cpp in libstagefright in Mediaserver. An attacker can exploit this...

Android Stagefright MP4 tx3g Integer Overflow Exploit

This Metasploit module exploits a integer overflow vulnerability in the Stagefright Library libstagefright.so. The vulnerability occurs when parsing specially crafted MP4 files. While a wide variety of remote attack vectors exist, this particular exploit is designed to work within an HTML5...

CVE-2016-3863

Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to execute arbitrary code via a...

CVE-2016-3827

codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28816956...

UBUNTU-CVE-2016-2450

codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

DEBIAN-CVE-2016-2814

Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to...

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or bypass security mechanisms

The vulnerability of the libstagefright library in the Android operating system is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor, acting remotely, to obtain confidential information or bypass security mechanisms using specially crafted Bitstre...

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or bypass security mechanisms

The vulnerability of the libstagefright library in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, acting remotely, to obtain confidential information or bypass security mechanisms...

Mozilla Firefox-bit platforms integer overflow vulnerability

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open-source web browser; Firefox ESR is an extended-support version of Firefox. libstagefright is one of the hard-coding support libraries. The MPEG4Extractor.cpp file in the...

Mozilla: Integer overflow in MP4 playback in 64-bit versions (MFSA 2015-146)

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the MPEG4Extractor::parseChunk function in the libstagefright library of the Android operating system is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using specially crafted MPEG-4...

Vulnerabilities of the Android operating system that allow a hacker to execute arbitrary code

The multiple vulnerabilities in the BnHDCP::onTransact function of the libstagefright library in the Android operating system are caused by buffer overflows. Exploiting these vulnerabilities could allow a malicious actor to execute arbitrary code using a specially crafted application...

Vulnerabilities of the Android operating system that allow a hacker to execute arbitrary code

The multiple vulnerabilities of the ESDS::parseESDescriptor function in the libstagefright library of the Android operating system are related to integer overflow. Exploiting these vulnerabilities could allow a malicious actor to execute arbitrary code using specially crafted ESDS data...

Google releases Security Patch for Android Stagefright 2.0 Vulnerability

Google reportedly fixed the latest round of Stagefright vulnerabilities in Android, pushing its latest over-the-air OTA update to Nexus devices. Last week, researchers warned of Stagefright 2.0 vulnerability that affected more than one Billion Android devices dating back to the latest versions of...

UBUNTU-CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...