CVSS: 7.1EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0390
https://notcve.org/view.php?id=CVE-2017-0390
12 Jan 2017 — A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31647370. • http://www.securityfocus.com/bid/95230 •
CVSS: 7.1EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0392
https://notcve.org/view.php?id=CVE-2017-0392
12 Jan 2017 — A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32577290. • http://www.securityfocus.com/bid/95230 •
CVSS: 7.1EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0393 – libvpx: Denial of service in mediaserver
https://notcve.org/view.php?id=CVE-2017-0393
12 Jan 2017 — A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808. • http://www.securityfocus.com/bid/95230 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-0394
https://notcve.org/view.php?id=CVE-2017-0394
12 Jan 2017 — A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31752213. • http://www.securityfocus.com/bid/95255 •
CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0395
https://notcve.org/view.php?id=CVE-2017-0395
12 Jan 2017 — An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32219099. • http://www.securityfocus.com/bid/95261 •
CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0396
https://notcve.org/view.php?id=CVE-2017-0396
12 Jan 2017 — An information disclosure vulnerability in visualizer/EffectVisualizer.cpp in libeffects in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31781965. • http://www.securityfocus.com/bid/95232 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0CVE-2017-0397
https://notcve.org/view.php?id=CVE-2017-0397
12 Jan 2017 — An information disclosure vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32377688. • http://www.securityfocus.com/bid/95232 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6762
https://notcve.org/view.php?id=CVE-2016-6762
12 Jan 2017 — An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31251826. • http://www.securityfocus.com/bid/94700 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 26EXPL: 0CVE-2016-6763
https://notcve.org/view.php?id=CVE-2016-6763
12 Jan 2017 — A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of local permanent denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31530456. • http://www.securityfocus.com/bid/94711 • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 26EXPL: 0CVE-2016-6764
https://notcve.org/view.php?id=CVE-2016-6764
12 Jan 2017 — A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31681434. • http://www.securityfocus.com/bid/94688 • CWE-399: Resource Management Errors •