exploitDog

GHSA-rfh3-x8r9-wcm5

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28532266.

Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28532266.

Ссылки

EPSS

Процентиль: 38%

0.0017

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-119

Связанные уязвимости

CVE-2016-2507

CVSS3: 7.8

ubuntu

больше 9 лет назад

Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28532266.

CVE-2016-2507

CVSS3: 7.8

nvd

больше 9 лет назад

Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28532266.

EPSS

Процентиль: 38%

0.0017

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-119