VYPR

mediaserver

by Google

CVEs (85)

  • CVE-2017-0407HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of…

  • CVE-2017-0406HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of…

  • CVE-2016-6706HigDec 13, 2016
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain…

  • CVE-2016-6705HigNov 25, 2016
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in Mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue…

  • CVE-2016-6704HigNov 25, 2016
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged…

  • CVE-2016-3933HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408.

  • CVE-2016-3932HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    mediaserver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 29161895 and MediaTek internal bug ALPS02770870.

  • CVE-2016-3913HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows attackers to gain privileges…

  • CVE-2016-3910HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30148546.

  • CVE-2016-3909HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The SoftMPEG4 component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30033990.

  • CVE-2016-3872HigSep 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to gain privileges via a crafted application, aka internal bug…

  • CVE-2016-3844HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28299517.

  • CVE-2016-3826HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the reply size for an AudioFlinger effect command, which allows attackers to gain privileges via a crafted…

  • CVE-2016-3824HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted application, aka internal bug…

  • CVE-2016-3747HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    Use-after-free vulnerability in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or…

  • CVE-2016-3746HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    Use-after-free vulnerability in the mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or…

  • CVE-2016-2508HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.02

    media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitrary code or cause a denial of…

  • CVE-2016-2487HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug…

  • CVE-2016-2482HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature…

  • CVE-2016-2477HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining…

Page 2 of 5