CVEs-PoC/2015/CVE-2015-6602.md at 52f3262c8d52545fc4e20c2a38454fc446c51385

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 05:11:38 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x.

POC

Reference

https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media/
https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media/
https://support.silentcircle.com/customer/en/portal/articles/2145864-privatos-1-1-12-release-notes
https://support.silentcircle.com/customer/en/portal/articles/2145864-privatos-1-1-12-release-notes
https://threatpost.com/stagefright-2-0-vulnerabilities-affect-1-billion-android-devices/114863/
https://threatpost.com/stagefright-2-0-vulnerabilities-affect-1-billion-android-devices/114863/

Github

No PoCs found on GitHub currently.

1.2 KiB Raw Blame History

CVE-2015-6602

Description

POC

Reference

Github

1.2 KiB

Raw Blame History