CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0817
https://notcve.org/view.php?id=CVE-2017-0817
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/101151 https://android.googlesource.com/platform/frameworks/av/+/d834160d9759f1098df692b34e6eeb548f9e317b https://source.android.com/security/bulletin/pixel/2017-10-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0815
https://notcve.org/view.php?id=CVE-2017-0815
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libeffects). • http://www.securityfocus.com/bid/101088 https://android.googlesource.com/platform/frameworks/av/+/f490fc335772a9b14e78997486f4a572b0594c04 https://source.android.com/security/bulletin/2017-10-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1526
https://notcve.org/view.php?id=CVE-2015-1526
The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. El componente media_server en Android permite que los atacantes remotos provoquen una denegación de servicio mediante una aplicación modificada. • http://www.securityfocus.com/bid/76666 https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1537
https://notcve.org/view.php?id=CVE-2015-1537
Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. Un desbordamiento de enteros en el componente media_server en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación modificada. • http://www.securityfocus.com/bid/76670 https://android.googlesource.com/platform/frameworks/av/+/c82e31a7039a03dca7b37c65b7890ba5c1e18ced%5E%21/#F0 https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5868
https://notcve.org/view.php?id=CVE-2016-5868
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. drivers/net/ethernet/msm/rndis_ipa.c en el controlador de networking de Qualcomm en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación manipulada que compromete un proceso privilegiado. • http://www.securityfocus.com/bid/98197 https://source.android.com/security/bulletin/2017-05-01 https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c • CWE-264: Permissions, Privileges, and Access Controls •