Published: 06/01/2016 Updated: 07/12/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

mediaserver in Android 5.x prior to 5.1.1 LMY49F and 6.0 prior to 2016-01-01 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 6.0.1
google android 5.1.1
google android 6.0
google android 5.0

Got a Nexus? Google has five critical Android security fixes for you

The Register • Shaun Nichols in San Francisco • 04 Jan 2016

Have any other Android device? You've got five new gaping holes

Google has fixed 12 security bugs in its Android source code – including five that would allow miscreants to achieve remote code execution or root access. The Mountain View giant said its January Android security update includes patches for five CVE-listed security vulnerabilities it rates as "critical" risks, two considered "high" security risks, and five flaws rated as "moderate." The upgrade is being pushed to Nexus gadgets as over-the-air downloads – so check for updates and eventually t...

CVE-2015-6636

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect