Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-1539 |
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493. Published: September 30, 2015; 8:59:07 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-1538 |
Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496. Published: September 30, 2015; 8:59:06 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-1536 |
Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or obtain sensitive system_server memory-content information via a crafted application that leverages improper unmarshalling of bitmaps, aka internal bug 19666945. Published: September 30, 2015; 8:59:05 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 8.5 HIGH |
CVE-2015-1528 |
Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal bug 19334482. Published: September 30, 2015; 8:59:04 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2014-7917 |
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342615. Published: September 30, 2015; 8:59:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2014-7916 |
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342751. Published: September 30, 2015; 8:59:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2014-7915 |
Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15328708. Published: September 30, 2015; 8:59:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-4476 |
Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute. Published: September 24, 2015; 12:59:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-6682 |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584. Published: September 22, 2015; 6:59:22 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-6679 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. Published: September 22, 2015; 6:59:21 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-6678 |
Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676. Published: September 22, 2015; 6:59:20 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-6677 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-5588. Published: September 22, 2015; 6:59:19 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-6676 |
Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6678. Published: September 22, 2015; 6:59:18 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5588 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-6677. Published: September 22, 2015; 6:59:17 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5587 |
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors. Published: September 22, 2015; 6:59:16 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5584 |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-6682. Published: September 22, 2015; 6:59:15 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5582 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5588, and CVE-2015-6677. Published: September 22, 2015; 6:59:14 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5581 |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5584, and CVE-2015-6682. Published: September 22, 2015; 6:59:13 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5580 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Published: September 22, 2015; 6:59:12 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5579 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5567. Published: September 22, 2015; 6:59:11 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |