CVE-2015-3827 Detail
Modified
This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Description
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.
Source:
MITRE
Description Last Modified:
09/30/2015
Impact
CVSS v2.0 Severity and Metrics:
Base Score:
9.3 HIGH
Vector:
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
(V2 legend)
Impact Subscore:
10.0
Exploitability Subscore:
8.6
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (AU):
None
Confidentiality (C):
Complete
Integrity (I):
Complete
Availability (A):
Complete
Additional Information:
Victim must voluntarily interact with attack mechanism Allows unauthorized disclosure of information Allows unauthorized modification Allows disruption of service
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose.
NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further,
NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about
this page to nvd@nist.gov.
Change History
6 change records found
- show changes
CVE Modified by MITRE -
9/20/2017 9:29:08 PM
Action |
Type |
Old Value |
New Value |
Added |
Reference |
|
http://www.securitytracker.com/id/1033094 [No Types Assigned] |
CVE Modified by MITRE -
12/7/2016 1:11:34 PM
Action |
Type |
Old Value |
New Value |
Added |
Reference |
|
http://www.huawei.com/en/psirt/security-advisories/hw-448928 [No Types Assigned] |
Added |
Reference |
|
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-448928.htm [No Types Assigned] |
CVE Modified by MITRE -
11/28/2016 2:26:57 PM
Action |
Type |
Old Value |
New Value |
Added |
Reference |
|
http://www.securityfocus.com/bid/76052 [No Types Assigned] |
CVE Translated -
10/3/2015 2:45:11 AM
Action |
Type |
Old Value |
New Value |
Added |
Translation |
|
Record truncated, showing 500 of 531 characters.
View Entire Change Record
La función MPEG4Extractor::parseChunk en MPEG4Extractor.cpp en libstagefright en Android en versiones anteriores a 5.1.1 LMY48I no valida la relación entre los tamaños de fragmento y los tamaños de salto, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de entero y corrupción de memoria) a través de atoms MPEG-4 covr, también conoci |
Removed |
Translation |
Record truncated, showing 500 of 550 characters.
View Entire Change Record
Vulnerabilidad en la función MPEG4Extractor::parseChunk en MPEG4Extractor.cpp en libstagefright en Android en versiones anteriores a 5.1.1 LMY48I, no valida la relación entre los tamaños de fragmento y los tamaños de salto, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de entero y corrupción de memoria) a través de atoms MPEG-4 covr, tambi& |
|
Modified Analysis -
10/1/2015 12:29:15 PM
Action |
Type |
Old Value |
New Value |
Added |
CPE Configuration |
|
Configuration 1
OR
*cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:* (and previous) |
Added |
CVSS V2 |
|
(AV:N/AC:M/Au:N/C:C/I:C/A:C) |
Added |
CWE |
|
CWE-119 |
Added |
CWE |
|
CWE-189 |
Changed |
Reference Type |
https://android.googlesource.com/platform/frameworks/av/+/f4a88c8ed4f8186b3d6e2852993e063fc33ff231 No Types Assigned |
https://android.googlesource.com/platform/frameworks/av/+/f4a88c8ed4f8186b3d6e2852993e063fc33ff231 Advisory |
Changed |
Reference Type |
https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ No Types Assigned |
https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ Advisory |
Initial CVE Analysis -
10/1/2015 10:37:40 AM
Quick Info
CVE Dictionary Entry:
CVE-2015-3827
NVD Published Date:
09/30/2015
NVD Last Modified:
09/20/2017
|