10
CVE-2015-3834
- EPSS 1.22%
- Veröffentlicht 01.10.2015 00:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle security@android.com
- CVE-Watchlists
- Unerledigt
Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a heap-based buffer overflow, aka internal bug 20222489.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.22% | 0.648 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ
https://android.googlesource.com/platform/frameworks/av/+/c82e31a7039a03dca7b37c65b7890ba5c1e18ced