EUVD-2015-3872

Malware in sbrugna...

Android Denial of Service Vulnerability (CNVD-2015-06606)

Android is an operating system based on the Linux open kernel, announced on November 5, 2007 by Google Inc. for cell phones. A denial of service vulnerability exists in Android versions prior to 5.1.1, LMY48I. It allows remote attackers to execute arbitrary code or cause a denial of service via...

Buffer overflow

The Parsewave function in arm-wt-22k/libsrc/easmdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted XMF...

CVE-2015-3836

The Parsewave function in arm-wt-22k/libsrc/easmdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted XMF...

CVE-2015-3836

The CVE-2015-3836 entry concerns Android devices affected by a buffer overflow in the Sonivox Parse_wave routine (arm-wt-22k/lib_src/eas_mdls.c) used by the DLS-to-EAS converter. The issue arises because a negative value in a size field is not rejected, enabling remote attackers to execute arbitr...