Lucene search

[email protected]CVE-2015-6608

HistoryNov 03, 2015 - 11:59 a.m.

CVE-2015-6608

2015-11-0311:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-6608

android

mediaserver

remote code execution

denial of service

memory corruption

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.1%

JSON

mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 19779574, 23680780, 23876444, and 23658148, a different vulnerability than CVE-2015-8072 and CVE-2015-8073.

Affected configurations

NVD

Node

googleandroidRange5.0–5.1.1

googleandroidMatch6.0

CPENameOperatorVersion
google:androidgoogle androidlt5.1.1
google:androidgoogle androideq6.0

CPE	Name	Operator	Version
google:android	google android	lt	5.1.1
google:android	google android	eq	6.0

References

www.securitytracker.com/id/1034049

groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ

Social References

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.1%

JSON

Related for CVE-2015-6608

prion3 nvd3 cve2 android1 cvelist3 ubuntucve3 androidsecurity1 threatpost1