mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22278703, a different vulnerability than CVE-2015-6605.
Max CVSS
5.0
EPSS Score
0.10%
Published
2015-10-06
Updated
2015-10-07
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 19573085, a different vulnerability than CVE-2015-6596.
Max CVSS
9.3
EPSS Score
0.06%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20721050, a different vulnerability than CVE-2015-3873.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786.
Max CVSS
9.3
EPSS Score
0.06%
Published
2015-10-06
Updated
2015-10-07
mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bugs 20915134 and 23142203, a different vulnerability than CVE-2015-7718.
Max CVSS
5.0
EPSS Score
0.10%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23129786.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23227354.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x.
Max CVSS
9.3
EPSS Score
0.86%
Published
2015-10-02
Updated
2016-12-08
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22935234.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22882938.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23416608.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23306638.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717.
Max CVSS
9.3
EPSS Score
0.06%
Published
2015-10-06
Updated
2015-10-07
SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted atoms in MP4 data, aka internal bug 20139950, a different vulnerability than CVE-2015-1538. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-7915, CVE-2014-7916, and/or CVE-2014-7917.
Max CVSS
10.0
EPSS Score
0.18%
Published
2015-10-01
Updated
2015-10-01
Media Player Framework in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bug 23223325.
Max CVSS
9.3
EPSS Score
0.06%
Published
2015-10-06
Updated
2015-10-07
Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to bypass an intended screen-recording warning feature and obtain sensitive screen-snapshot information via a crafted application that references a long application name, aka internal bug 23345192.
Max CVSS
4.3
EPSS Score
0.06%
Published
2015-10-06
Updated
2015-10-07
Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20723696.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file.
Max CVSS
9.3
EPSS Score
6.42%
Published
2015-10-02
Updated
2016-12-08
libutils in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, aka internal bug 22952485.
Max CVSS
10.0
EPSS Score
0.18%
Published
2015-10-06
Updated
2015-10-07
The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23016072, 23248776, 23247055, 22845824, 22008959, 21814993, 21048776, 20718524, 20674674, 22388975, 20674086, 21443020, and 22077698, a different vulnerability than CVE-2015-7716.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23346388.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23031033.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22771132.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23036083.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-10-06
Updated
2015-10-07
61 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!