CVEs-PoC/2015/CVE-2015-3864.md at 52f3262c8d52545fc4e20c2a38454fc446c51385

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824.

POC

Reference

https://www.exploit-db.com/exploits/38226/
https://www.exploit-db.com/exploits/38226/
https://www.exploit-db.com/exploits/39640/
https://www.exploit-db.com/exploits/39640/
https://www.exploit-db.com/exploits/40436/
https://www.exploit-db.com/exploits/40436/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Bhathiya404/Exploiting-Stagefright-Vulnerability-CVE-2015-3864
https://github.com/HenryVHuang/CVE-2015-3864
https://github.com/HighW4y2H3ll/libstagefrightExploit
https://github.com/eudemonics/scaredycat
https://github.com/hac425xxx/heap-exploitation-in-real-world
https://github.com/hoangcuongflp/MobileSecurity2016-recap
https://github.com/pwnaccelerator/stagefright-cve-2015-3864

1.4 KiB Raw Blame History

CVE-2015-3864

Description

POC

Reference

Github

1.4 KiB

Raw Blame History