VYPR
Unrated severityNVD Advisory· Published Oct 1, 2015· Updated Jun 17, 2026

CVE-2015-3824

CVE-2015-3824

Description

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via a crafted MPEG-4 tx3g atom, aka internal bug 20923261.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Google/Android2 versions
    cpe:2.3:o:google:android:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:google:android:*:*:*:*:*:*:*:*range: <=5.1
    • (no CPE)range: <5.1.1 LMY48I

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.