Published: 24/08/2017 Updated: 02/10/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote malicious users to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samsung samsung_mobile 5.0
samsung samsung_mobile 5.0.2
samsung samsung_mobile 7.1.1
samsung samsung_mobile 5.1.1
samsung samsung_mobile 6.0
samsung samsung_mobile 6.0.1
samsung samsung_mobile 7.0
samsung samsung_mobile 5.0.1
samsung samsung_mobile 5.1
samsung samsung_mobile 7.1
samsung samsung_mobile 7.1.2

Source: codegooglecom/p/google-security-research/issues/detail?id=498 The attached jpg, upsamplejpg can cause memory corruption when media scanning occurs F/libc ( 8600): Fatal signal 11 (SIGSEGV), code 1, fault addr 0x206e6f69747562 in tid 8685 (HEAVY#0) I/DEBUG ( 2956): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ...

CWE-119 https://www.exploit-db.com/exploits/38612/http://www.securityfocus.com/bid/77425 http://packetstormsecurity.com/files/134198/Samsung-Galaxy-S6-LibQjpeg-DoIntegralUpsample-Crash.html https://bugs.chromium.org/p/project-zero/issues/detail?id=498&redir=1 https://nvd.nist.gov https://www.exploit-db.com/exploits/38612/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-7896

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect