CVE-2015-1538

Published: 01/10/2015 Updated: 21/09/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android prior to 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496.

Affected Products

Vendor | Product | Versions
Google | Android | 5.1

Vendor Advisories

We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Builds LMY48I or later address these issues. Partners were notified about these issues on June 25, 2015 or earlier ...

Exploits

#!/usr/bin/env python
# Joshua J Drake (@jduck) of ZIMPERIUM zLabs
# Shout outs to our friends at Optiv (formerly Accuvant Labs)
# (C) Joshua J Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015
# www.zimperium.com
#
# Exploit for RCE Vulnerability CVE-2015-1538 #1
# Integer Overflow in the libstagefright MP4 'stsc' atom handling
#
# Don' ...

Mailing Lists

Android Stagefright remote code execution exploit that leverages an integer overflow in the libstagefright MP4 'stsc' atom handling ...

Github Repositories

Stagefright-cve-2015-1538-1: Discovered by Joshua J Drake (@jduck) of ZIMPERIUM zLabs and fixed his project by Niranjan Shrestha (@niranjanshr13). Exploit for RCE Vulnerability CVE-2015-1538 #1. Integer Overflow in the libstagefright MP4 'stsc' atom handling. Don't forget, the output of "create_mp4" can be delivered many ways! MMS is the most dangerous at

2015_1538: #!/usr/bin/env python. Joshua J Drake (@jduck) of ZIMPERIUM zLabs. Shout outs to our friends at Optiv (formerly Accuvant Labs). (C) Joshua J Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015. www.zimperium.com. Exploit for RCE Vulnerability CVE-2015-1538 #1. Integer Overflow in the libstagefright MP4 'stsc' atom handling. Don't forget, the output of "

Android Vulnerabilities Overview (AVO) is a database of known security vulnerabilities in Android. The vulnerabilities database is split into separate md files to get a better and cleaner overview. The current 2016 list is available over here. The security flaw gives hackers the ability to spy on Android smartphone owners, steal login credentials, install malware, and many more, a

afl-cve: A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz). Introduction: afl-cve is a collection of known vulnerabilities that can be attributed to the AFL fuzzer afl-fuzz. All vulnerabilities in this list either already have a CVE assigned, or a CVE has been requested from a CVE Numbering Authority. Why is This Necessary? Because CVE descriptions are not ge

Recent Articles

It's BACK – Stagefright 2.0: Zillions of Android gadgets can be hijacked by MP3s, movie files
The Register • Darren Pauli • 01 Oct 2015

Pop tunes pop phones

Updated More than a billion Android phones, tablets and other gadgets can be hijacked by merely previewing MP3 music or MP4 video files.
Booby-trapped songs and vids downloaded from the web or emails can potentially compromise vulnerable devices, and install spyware, password-stealing malware, and so on.
This is all thanks to two remote-code execution flaws billed as the second iteration of the original Stagefright vulnerability.
Zimperium researcher Joshua J Drake found the pa...

Zimperium unleashes Android Stagefright exploit code on world
The Register • John Leyden • 09 Sep 2015

BOO! Now giddyup and get testing

Security researchers at Zimperium have released a working version of Stagefright exploit code.
Zimperium said it was publishing the software so that administrators and penetration testers can validate the effectiveness of the Android community's response to patching the security hole. Google is only just getting around to publishing a comprehensive fix for Stagefright, following a flawed attempt to fix the mega-vuln last month.
The Stagefright vulnerability (CVE-2015-1538) can allow ...

Are you still vulnerable to Stagefright? Get your Android device checked now
welivesecurity • Raphael Labaca Castro • 14 Aug 2015

Updated 3rd April, 2016: Independent security analyst Graham Cluley reported in February that Google had released its latest security update for Nexus devices running Android, adding that one of the most serious flaws found could result in remote code execution: “For instance, the bug in Mediaserver could mean that simply opening an email, browsing a website or receiving a media file via MMS could [result in] malicious code being run on your device. If this sounds familiar then chances are...