CVE-2015-3827

From Botnets.fr
Jump to: navigation, search

MITRE CVE Reference: CVE-2015-3827
Description: The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.

Usage

Targetted asset: Android

Exploit kits using this vulnerability/ Exploit kits utilisant cette vulnérabilité:

  • Exploit kits:

Botnets using this vulnerability to function/propagate:

  • Botnets:

Campaigns using this vulnerability:

  • Campaigns:

Packages includingthis vulnerability:

Publications

MITRE CVE LICENSE: The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Vulnerabilities and Exposures (CVE®) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITRE’s copyright designation and this license in any such copy. MITRE CVE®, TERMS OF USE: [1]