Google

Android

7873 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2015-3835

  • EPSS 0.7%
  • Veröffentlicht 01.10.2015 00:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OMXNodeInstance.cpp in libstagefright in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 20634516.

10

CVE-2015-3834

  • EPSS 0.19%
  • Veröffentlicht 01.10.2015 00:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a hea...

4.3

CVE-2015-3833

  • EPSS 0.13%
  • Veröffentlicht 01.10.2015 00:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I allows attackers to bypass intended getRecentTasks restrictions and discover the name of the foreground applica...

10

CVE-2015-3832

  • EPSS 6.83%
  • Veröffentlicht 01.10.2015 00:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.

9.3

CVE-2015-3831

  • EPSS 0.47%
  • Veröffentlicht 01.10.2015 00:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bu...

10

CVE-2015-3829

  • EPSS 25.1%
  • Veröffentlicht 01.10.2015 00:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption)...

10

CVE-2015-3828

  • EPSS 27.18%
  • Veröffentlicht 01.10.2015 00:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbi...

9.3

CVE-2015-3827

  • EPSS 12.43%
  • Veröffentlicht 01.10.2015 00:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a d...

5

CVE-2015-3826

  • EPSS 1.61%
  • Veröffentlicht 01.10.2015 00:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to cause a deni...

10

CVE-2015-3824

  • EPSS 12.23%
  • Veröffentlicht 01.10.2015 00:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer ove...