mediaserver

CVEs (36)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-6704	Google Android	Hig	0.51	7.8	0.00	Nov 25, 2016	An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged…
CVE-2016-3825	Google mediaserver	Hig	0.51	7.8	0.00	Aug 5, 2016	mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964.
CVE-2016-3823	Google mediaserver	Hig	0.51	7.8	0.00	Aug 5, 2016	The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka…
CVE-2016-2448	Google Android	Hig	0.51	7.8	0.00	May 9, 2016	media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain privileges via a crafted…
CVE-2017-0641	Google Android	Med	0.36	5.5	0.03	Jun 14, 2017	A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions:…
CVE-2017-0558	Google Android	Med	0.36	5.5	0.00	Apr 7, 2017	An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4,…
CVE-2017-0557	Google Android	Med	0.36	5.5	0.00	Apr 7, 2017	An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions:…
CVE-2017-0495	Google Android	Med	0.36	5.5	0.00	Mar 8, 2017	An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…
CVE-2017-0488	Google Android	Med	0.36	5.5	0.00	Mar 8, 2017	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2017-0486	Google Android	Med	0.36	5.5	0.00	Mar 8, 2017	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2017-0485	Google Android	Med	0.36	5.5	0.00	Mar 8, 2017	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2017-0482	Google Android	Med	0.36	5.5	0.00	Mar 8, 2017	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2016-3878	Google Android	Med	0.36	5.5	0.00	Sep 11, 2016	decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29493002.
CVE-2016-3827	Android Android Sdk	Med	0.36	5.5	0.00	Aug 5, 2016	codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28816956.
CVE-2016-2459	Google Android	Med	0.36	5.5	0.00	May 9, 2016	mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and…
CVE-2017-0497	Google Android	Med	0.31	4.7	0.00	Mar 8, 2017	A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID:…

CVE-2016-6704HigNov 25, 2016
Google
Android
risk 0.51cvss 7.8epss 0.00
An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged…
CVE-2016-3825HigAug 5, 2016
Google
mediaserver
risk 0.51cvss 7.8epss 0.00
mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964.
CVE-2016-3823HigAug 5, 2016
Google
mediaserver
risk 0.51cvss 7.8epss 0.00
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka…
CVE-2016-2448HigMay 9, 2016
Google
Android
risk 0.51cvss 7.8epss 0.00
media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain privileges via a crafted…
CVE-2017-0641MedJun 14, 2017
Google
Android
risk 0.36cvss 5.5epss 0.03
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions:…
CVE-2017-0558MedApr 7, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4,…
CVE-2017-0557MedApr 7, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions:…
CVE-2017-0495MedMar 8, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…
CVE-2017-0488MedMar 8, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2017-0486MedMar 8, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2017-0485MedMar 8, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2017-0482MedMar 8, 2017
Google
Android
risk 0.36cvss 5.5epss 0.00
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…
CVE-2016-3878MedSep 11, 2016
Google
Android
risk 0.36cvss 5.5epss 0.00
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29493002.
CVE-2016-3827MedAug 5, 2016
Android
Android Sdk
risk 0.36cvss 5.5epss 0.00
codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28816956.
CVE-2016-2459MedMay 9, 2016
Google
Android
risk 0.36cvss 5.5epss 0.00
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and…
CVE-2017-0497MedMar 8, 2017
Google
Android
risk 0.31cvss 4.7epss 0.00
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID:…

Page 2 of 2