Vulnerability Details : CVE-2015-6783
The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2015-6783
Probability of exploitation activity in the next 30 days: 0.15%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 50 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-6783
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2015-6783
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-6783
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html
[security-announce] openSUSE-SU-2015:2291-1: important: Security update
-
http://www.securityfocus.com/bid/78416
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
-
https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349
d9e316238aee59acf665d80b544cf4e1edfd3349 - chromium/src.git - Git at Google
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html
[security-announce] openSUSE-SU-2015:2290-1: important: Security update
-
http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://security.gentoo.org/glsa/201603-09
Chromium: Multiple vulnerabilities (GLSA 201603-09) — Gentoo security
-
https://code.google.com/p/chromium/issues/detail?id=537205
537205 - Security: Crazy Linker on Android allows modification of Chrome APK without breaking signature - chromium - Monorail
-
http://www.securitytracker.com/id/1034298
Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code, Bypass Security Restrictions, and Spoof Content - SecurityTracker
Products affected by CVE-2015-6783
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*