VYPR

mediaserver

by Google

CVEs (85)

  • CVE-2016-2476HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access,…

  • CVE-2016-2452HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by…

  • CVE-2016-0836HigApr 18, 2016
    risk 0.51cvss 7.8epss 0.02

    Stack-based buffer overflow in decoder/impeg2d_vld.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25812590.

  • CVE-2016-0826HigMar 12, 2016
    risk 0.51cvss 7.8epss 0.01

    libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly…

  • CVE-2016-3754HigJul 11, 2016
    risk 0.49cvss 7.5epss 0.01

    mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not limit process-memory usage, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28615448.

  • CVE-2016-0829HigMar 12, 2016
    risk 0.49cvss 7.5epss 0.01

    The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows attackers to obtain sensitive…

  • CVE-2015-1526MedSep 28, 2017
    risk 0.36cvss 5.5epss 0.01

    The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.

  • CVE-2017-0644MedJun 14, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2,…

  • CVE-2017-0642MedJun 14, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions:…

  • CVE-2017-0641MedJun 14, 2017
    risk 0.36cvss 5.5epss 0.02

    A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions:…

  • CVE-2017-0635MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.00

    A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android.…

  • CVE-2017-0600MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.00

    A remote denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android.…

  • CVE-2017-0599MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0,…

  • CVE-2017-0557MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions:…

  • CVE-2017-0552MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0,…

  • CVE-2017-0551MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0,…

  • CVE-2017-0550MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0,…

  • CVE-2017-0549MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0,…

  • CVE-2017-0547MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application…

  • CVE-2017-0495MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…