CVSS: 10.0EPSS: 96%CPEs: 1EXPL: 9CVE-2015-3864 – Google Android - libstagefright Integer Overflow Remote Code Execution
https://notcve.org/view.php?id=CVE-2015-3864
01 Oct 2015 — Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824. Desbordamiento de entero inferior en la función MPEG4Extractor::parseChunk en MPEG4Extractor.cpp en libstagefright en mediaserver en Android en versiones anteriores a 5.1.1 LMY48M per... • https://packetstorm.news/files/id/138853 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 93%CPEs: 1EXPL: 8CVE-2015-1538 – Google Android - 'Stagefright' Remote Code Execution
https://notcve.org/view.php?id=CVE-2015-1538
10 Sep 2015 — Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496. Desbordamiento de entero en la función SampleTable::setSampleToChunkParams en SampleTable.cpp en libstagefright en Android en versiones anteriores a 5.1.1 LMY48I, permite a atacantes remotos e... • https://packetstorm.news/files/id/133521 • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2714 – Gentoo Linux Security Advisory 201605-06
https://notcve.org/view.php?id=CVE-2015-2714
14 May 2015 — Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonstrated by the READ_LOGS permission for the mixed-content violation log on Android 4.0 and earlier. Mozilla Firefox anterior a 38.0 en Android no restringe correctamente la escritura de datos de URLs en el sistema de registros de, lo que permite a atacantes o... • http://www.mozilla.org/security/announce/2015/mfsa2015-52.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 3%CPEs: 1EXPL: 5CVE-2014-7951 – ADB - Backup Archive File Overwrite Directory Traversal
https://notcve.org/view.php?id=CVE-2014-7951
19 Apr 2015 — Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers. Una vulnerabilidad en Salto de Directorio en el puente de depuración de Android (también se conoce como adb) en Android versión 4.0.4, permite a atacantes físicamente próximos, con una conexión directa al dispositivo Android de destino, esc... • https://packetstorm.news/files/id/131511 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1525 – Google Android Denial of Service
https://notcve.org/view.php?id=CVE-2015-1525
14 Mar 2015 — audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address. El archivo audio/AudioPolicyManagerBase.cpp en Android versiones anteriores a 5.1, permite a atacantes causar una denegación de servicio (interrupción de la aplicación audio_policy) por medio de una aplicación diseñada que provee una dirección de dispositivo NULL. Google Android suffers from an audio_policy appli... • https://android.googlesource.com/platform/hardware/libhardware_legacy/+/2d2ea50%5E%21 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1530 – Android Media Integer Overflow
https://notcve.org/view.php?id=CVE-2015-1530
12 Mar 2015 — media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted application that provides an invalid array size. El archivo media/libmedia/IAudioPolicyService.cpp en Android versiones anteriores a 5.1, permite a atacantes ejecutar código arbitrario con privilegios de media_server o causar una denegación de servicio (desbordamiento de enteros) por medio de una aplicación diseñada... • https://packetstorm.news/files/id/130779 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7914 – (Mobile Pwn2Own) Google Android Bluetooth Forced Pairing Vulnerability
https://notcve.org/view.php?id=CVE-2014-7914
12 Mar 2015 — btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag. En el archivo btif/src/btif_dm.c en Android versiones anteriores a 5.1, no aplica apropiadamente la naturaleza temporal de emparejar Bluetooth, lo que permite a atacantes remotos asistidos por el usuario omitir las restricciones de acceso prevista... • https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/0360aa7c418152a3e5e335a065ac3629cbb09559 • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2015-1474 – Google Android Integer Oveflow / Heap Corruption
https://notcve.org/view.php?id=CVE-2015-1474
16 Feb 2015 — Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values. Múltiples desbordamientos de enteros en la función GraphicBuffer::unflatten en platform/frameworks/native/libs/ui/GraphicBuffer.cpp en Android hasta 5.0 permiten a atacantes ganar privilegios o ... • https://packetstorm.news/files/id/130778 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 5CVE-2014-0997 – Android WiFi-Direct - Denial of Service
https://notcve.org/view.php?id=CVE-2014-0997
26 Jan 2015 — WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame. WiFiMonitor en Android 4.4.4 tal y como se emplea en Nexus 5 y 4, Android 4.2.2 tal y como se emplea... • https://packetstorm.news/files/id/130107 • CWE-19: Data Processing Errors •
CVSS: 9.8EPSS: 0%CPEs: 45EXPL: 8CVE-2014-7911 – Android CVE-2014-7911 / CVE-2014-4322 Local Exploit
https://notcve.org/view.php?id=CVE-2014-7911
15 Dec 2014 — luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows attackers to execute arbitrary code via a crafted finalize method for a serialized object in an ArrayMap Parcel within an intent sent to system_service, as demonstrated by the finalize method of android.os.BinderProxy, aka Bug 15874291. luni/src/main/java/java/io/Object... • https://packetstorm.news/files/id/130112 • CWE-264: Permissions, Privileges, and Access Controls •