Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android prior to 5.1.1 LMY48I allow remote malicious users to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android |