Published: 06/10/2015 Updated: 07/10/2015

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

libstagefright in Android prior to 5.1.1 LMY48T allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android

Trend publishes analysis of yet another Android media handling bug

The Register • John Leyden • 18 Aug 2015

1, 2, 3, 4 ... how many more bugs must we endure?

More details have emerged about yet another Android vulnerability, that, like other recent flaws, revolves around how the Google-backed mobile operating system handles media files. The Android Mediaserver vulnerability might be exploited to perform attacks involving arbitrary code execution, security researchers at Trend Micro warn. The security bug (CVE-2015-3842) affects Android versions 2.3 to 5.1.1, so hundreds of thousands of devices are potentially at risk. The danger potentially comes fro...

CVE-2015-3823

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect