Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-1538

Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496.

See the

CVE page on Mitre.org for more details.

References

MLIST: [android-security-upda...
CONFIRM: https://android.google...
BID: 76052
MISC: http://packetstormsecu...
CONFIRM: http://www.huawei.com/...
CONFIRM: http://www1.huawei.com...
EXPLOIT-DB: 38124
SECTRACK: 1033094

Launchpad.net

CVE 2015-1538

Related bugs

References