cve-2015-6612 POC for M reported by me and @WenXu from Keen put this under ANDROIDSRCROOT/frameworks/av/media/decrytpoc/ and cd into it && calling mm
libmedia in Android prior to 5.1.1 LMY48X and 6.0 prior to 2015-11-01 allows malicious users to gain privileges via a crafted application, aka internal bug 23540426.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android 6.0 |
||
google android |
Privilege escalation and remote code execution feature in fourth droid patch run.
Google has patched two critical remote code execution vulnerabilities as part of a suite of seven fixes in its fourth round of Android patching since August. The over-the-air updates set to hit Nexus, Samsung, and Android Open Source Project (AOSP) devices first for Google's latest Marshmallow Android operating system. Google informed "partners" on 5 October and patch source code is set to hit the AOSP soon. Two flaws rated critical include libutils (CVE-2015-6609) and mediaserver (CVE-2015-6608...