CVE-2015-3824

From Botnets.fr
Revision as of 13:23, 19 March 2016 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

MITRE CVE Reference: CVE-2015-3824
Description: The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via a crafted MPEG-4 tx3g atom, aka internal bug 20923261.

Usage

Targetted asset: Android

Exploit kits using this vulnerability/ Exploit kits utilisant cette vulnérabilité:

  • Exploit kits:

Botnets using this vulnerability to function/propagate:

  • Botnets:

Campaigns using this vulnerability:

  • Campaigns:

Packages includingthis vulnerability:

Publications

MITRE CVE LICENSE: The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Vulnerabilities and Exposures (CVE®) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITRE’s copyright designation and this license in any such copy. MITRE CVE®, TERMS OF USE: [1]

Retrieved from "https://www.botnets.fr/index.php?title=CVE-2015-3824&oldid=13156"