exploitDog

CVE-2015-1537

Опубликовано: 28 сент. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application.

Ссылки

http://www.securityfocus.com/bid/76670
Third Party Advisory
VDB Entry
https://android.googlesource.com/platform/frameworks/av/+/c82e31a7039a03dca7b37c65b7890ba5c1e18ced%5E%21/#F0
Patch
Third Party Advisory
https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf
Exploit
Technical Description
Third Party Advisory
http://www.securityfocus.com/bid/76670
Third Party Advisory
VDB Entry
https://android.googlesource.com/platform/frameworks/av/+/c82e31a7039a03dca7b37c65b7890ba5c1e18ced%5E%21/#F0
Patch
Third Party Advisory
https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Версия до 4.4.4 (включая)

EPSS

Процентиль: 70%

0.00644

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-190

Связанные уязвимости

GHSA-w8g8-jwr6-q4p2

CVSS3: 7.8

github

больше 3 лет назад

Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application.

BDU:2017-02347

CVSS3: 7.8

fstec

почти 11 лет назад

Уязвимость компонента media_server (IHDCP.cpp) операционной системы Android, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 70%

0.00644

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-190