CVE Vulnerabilities

CVE-2015-1539

Published: Oct 01, 2015 | Modified: Sep 21, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493.

Affected Software

Name Vendor Start Version End Version
Android Google * 5.1
Android Ubuntu devel *
Android Ubuntu trusty *
Android Ubuntu upstream *
Android Ubuntu vivid *
Android Ubuntu vivid/stable-phone-overlay *
Android Ubuntu wily *

References