Lucene search

[email protected]CVE-2015-3878

HistoryOct 06, 2015 - 5:59 p.m.

CVE-2015-3878

2015-10-0617:59:15

CWE-264

[email protected]

web.nvd.nist.gov

cve

2015

3878

media projection

android

security

vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

22.8%

JSON

Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to bypass an intended screen-recording warning feature and obtain sensitive screen-snapshot information via a crafted application that references a long application name, aka internal bug 23345192.

Affected configurations

NVD

Node

googleandroidMatch5.0

googleandroidMatch5.1

CPENameOperatorVersion
google:androidgoogle androideq5.0
google:androidgoogle androideq5.1

CPE	Name	Operator	Version
google:android	google android	eq	5.0
google:android	google android	eq	5.1

References

groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

22.8%

JSON

Related for CVE-2015-3878

ubuntucve1 cvelist1 nvd1 prion1 androidsecurity1