Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-3864
HistoryOct 01, 2015 - 12:59 a.m.

CVE-2015-3864

2015-10-0100:59:31
CWE-189
[email protected]
web.nvd.nist.gov
47
2
cve-2015-3864
mpeg4extractor
libstagefright
mediaserver
android
vulnerability
nvd
code execution
mpeg-4 data
cve-2015-3824

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.8%

JSON

Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824.

Affected configurations

NVD
Node
googleandroidRange≀5.1
CPENameOperatorVersion
google:androidgoogle androidle5.1

Social References

More

Related

thn 3
android 4
prion 2
threatpost 2
nvd 2
cvelist 2
ubuntucve 2
zdt 3
packetstorm 1
myhack58 1
googleprojectzero 1
checkpoint_advisories 1
cve 1
cert 1
androidsecurity 2
huawei 1
thn
thn
Incomplete 'Stagefright' Security Patch Leaves Android Vulnerable to Text Hack
2015-08-14 00:45:00
New Exploit to 'Hack Android Phones Remotely' threatens Millions of Devices
2016-03-16 21:30:00
Android Stagefright Exploit Code Released
2015-09-11 02:11:00
android
android
CVE-2015-3864
2015-09-01 00:00:00
Metaphor
2019-07-09 00:00:00
CVE-2015-3824
2015-08-01 00:00:00
prion
prion
Integer overflow
2015-10-01 00:59:00
Integer overflow
2015-10-01 00:59:00
threatpost
threatpost
Stagefright Patch Incomplete Leaving Android Devices Still Exposed
2015-08-13 13:00:18
Stagefright Variant 'Metaphor' Puts Millions Of Samsung, LG and HTC Phones At Risk
2016-03-17 18:41:03
nvd
nvd
CVE-2015-3864
2015-10-01 00:59:31
CVE-2015-3824
2015-10-01 00:59:09
cvelist
cvelist
CVE-2015-3864
2015-10-01 00:00:00
CVE-2015-3824
2015-10-01 00:00:00
ubuntucve
ubuntucve
CVE-2015-3864
2015-10-01 00:00:00
CVE-2015-3824
2015-10-01 00:00:00
zdt
zdt
Android libstagefright - Integer Overflow Remote Code Execution
2015-09-18 00:00:00
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
2016-03-30 00:00:00
Android Stagefright MP4 tx3g Integer Overflow Exploit
2016-09-27 00:00:00
packetstorm
packetstorm
Android Stagefright MP4 tx3g Integer Overflow
2016-09-27 00:00:00
myhack58
myhack58
Based on jemalloc Android exploit skills----CENSUS-bug warning-the black bar safety net
2017-05-01 00:00:00
googleprojectzero
googleprojectzero
Stagefrightened?
2015-09-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Google Android Stagefright MP4 Multiple Atoms Integer Overflow (CVE-2015-1538; CVE-2015-3824; CVE-2015-3829; CVE-2015-3864)
2015-08-12 00:00:00
cve
cve
CVE-2015-3824
2015-10-01 00:59:09
cert
cert
Android Stagefright contains multiple vulnerabilities
2015-07-28 00:00:00
androidsecurity
androidsecurity
Nexus Security Bulletin - September 2015
2015-09-09 00:00:00
Nexus Security Bulletinβ€”August 2015
2015-08-13 00:00:00
huawei
huawei
Security Advisory - Stagefright Vulnerability in Multiple Huawei Android Products
2015-08-09 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.8%

JSON
Related for CVE-2015-3864
thn3android4prion2threatpost2nvd2cvelist2ubuntucve2zdt3packetstorm1myhack581googleprojectzero1checkpoint_advisories1cve1cert1androidsecurity2huawei1