VYPR

mediaserver

by Google

CVEs (85)

  • CVE-2014-7920CriApr 13, 2017
    risk 0.64cvss 9.8epss 0.02

    mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.

  • CVE-2016-3821CriAug 5, 2016
    risk 0.64cvss 9.8epss 0.02

    libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory…

  • CVE-2016-3820CriAug 5, 2016
    risk 0.64cvss 9.8epss 0.01

    The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 mishandles slice numbers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28673410.

  • CVE-2016-3745CriJul 11, 2016
    risk 0.64cvss 9.8epss 0.01

    Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides an AudioEffect reply, as demonstrated by obtaining Signature or…

  • CVE-2016-3742CriJul 11, 2016
    risk 0.64cvss 9.8epss 0.01

    decoder/ih264d_process_intra_mb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28165659.

  • CVE-2016-3741CriJul 11, 2016
    risk 0.64cvss 9.8epss 0.01

    The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28165661.

  • CVE-2016-2428CriMay 9, 2016
    risk 0.64cvss 9.8epss 0.02

    libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service (stack…

  • CVE-2016-2418CriApr 18, 2016
    risk 0.64cvss 9.8epss 0.01

    media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified…

  • CVE-2016-0841CriApr 18, 2016
    risk 0.64cvss 9.8epss 0.02

    media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mishandles cleared service binders, which allows remote attackers to execute arbitrary code or cause a denial of service…

  • CVE-2016-0835CriApr 18, 2016
    risk 0.64cvss 9.8epss 0.03

    decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a certain negative value, aka internal bug 26070014.

  • CVE-2017-0637HigJun 14, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0594HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to…

  • CVE-2017-0592HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote…

  • CVE-2017-0591HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0588HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code…

  • CVE-2017-0587HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0543HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0542HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0539HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0538HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

Page 1 of 5