CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3849
https://notcve.org/view.php?id=CVE-2015-3849
01 Oct 2015 — The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attackers to execute arbitrary code via an application that sends a crafted message to a service, aka internal bug 21585255. La función Region_createFromParcel en core/jni/android/graphics/Region.cpp en Region en Android en versiones anteriores a 5.1.1 LMY48M no comprueba los valores de retorno de ciertas operaciones d... • https://android.googlesource.com/platform/frameworks/base/+/1e72dc7a3074cd0b44d89afbf39bbf5000ef7cc3 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3842
https://notcve.org/view.php?id=CVE-2015-3842
01 Oct 2015 — Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516. Múltiples desbordamientos de entero en libeffects en el Audio Policy Service en mediaserver en Android en versiones anteriores a 5.1.1 LMY48I permiten a atacantes ejecutar código arbitrario a través de una aplicación manipulada, también conocido como error interno 21953516. • https://android.googlesource.com/platform/frameworks/av/+/aeea52da00d210587fb3ed895de3d5f2e0264c88 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3831
https://notcve.org/view.php?id=CVE-2015-3831
01 Oct 2015 — Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 19400722. Desbordamiento de buffer en la función readAt en BpMediaHTTPConnection en media/libmedia/IMediaHTTPConnection.cpp en el servicio mediaserver en Android en versiones anteriores a 5.1.1 LMY48I permite a atacantes ejecutar código arbitrario a través de ... • https://android.googlesource.com/platform/frameworks/av/+/51504928746edff6c94a1c498cf99c0a83bedaed • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3833
https://notcve.org/view.php?id=CVE-2015-3833
01 Oct 2015 — The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I allows attackers to bypass intended getRecentTasks restrictions and discover the name of the foreground application via a crafted application, aka internal bug 20034603. La función getRunningAppProcesses en services/core/java/com/android/server/am/ActivityManagerService.java en Android en versiones anteriores a 5.1.1 LMY48I permite a atacantes eludir las restricciones de... • http://stackoverflow.com/questions/24625936/getrunningtasks-doesnt-work-in-android-l • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3845
https://notcve.org/view.php?id=CVE-2015-3845
01 Oct 2015 — The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, aka internal bug 17312693. La función Parcel::appendFrom en libs/binder/Parcel.cpp en Binder en Android en versiones anteriores a 5.1.1 LMY48M no tiene en cuenta los límites del parcel durante la identificación de lo... • https://android.googlesource.com/platform/frameworks/native/+/e68cbc3e9e66df4231e70efa3e9c41abc12aea20 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3832
https://notcve.org/view.php?id=CVE-2015-3832
01 Oct 2015 — Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538. Múltiples desbordamientos de entero en MPEG4Extractor.cpp en libstagefright en Android en versiones anteriores a 5.1.1 LMY48I permiten a atacantes remotos ejecutar código arbitrario a través de valores de tamaño no válidos de unidades NAL en datos MP4, también conocido como error interno ... • https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 32%CPEs: 1EXPL: 0CVE-2015-1539
https://notcve.org/view.php?id=CVE-2015-1539
01 Oct 2015 — Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493. Desbordamientos de entero múltiple en la función ESDS::parseESDescriptor en ESDS.cpp en libstagefright en Android en versiones anteriores a 5.1.1 LMY48I, permite a atacantes remotos ejecutar código arbitrario a través de atoms ESDS manipulados, tamb... • http://www.huawei.com/en/psirt/security-advisories/hw-448928 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-3837
https://notcve.org/view.php?id=CVE-2015-3837
01 Oct 2015 — The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which allows attackers to execute arbitrary code via an application that sends a crafted Intent, aka internal bug 21437603. La clase OpenSSLX509Certificate en org/conscrypt/OpenSSLX509Certificate.java en Android en versiones anteriores a 5.1.1 LMY48I incluye indebidamente determinados datos de contexto durante la seria... • https://github.com/itibs/IsildursBane • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 33%CPEs: 1EXPL: 0CVE-2015-3827
https://notcve.org/view.php?id=CVE-2015-3827
01 Oct 2015 — The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261. La función MPEG4Extractor::parseChunk en MPEG4Extractor.cpp en libstagefright en Android en versiones anteriores a 5.1.1 LMY48I no valida la rela... • http://www.huawei.com/en/psirt/security-advisories/hw-448928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1536
https://notcve.org/view.php?id=CVE-2015-1536
01 Oct 2015 — Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or obtain sensitive system_server memory-content information via a crafted application that leverages improper unmarshalling of bitmaps, aka internal bug 19666945. Desbordamiento de entero en la función Bitmap_createFromParcel en core/jni/Android/graphics/Bitmap.cpp en Android en versiones anteriores a 5.1.1 LMY48I... • https://android.googlesource.com/platform/frameworks/base/+/d44e5bde18a41beda39d49189bef7f2ba7c8f3cb • CWE-189: Numeric Errors •