Vulnerability Details CVE-2015-9206
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, during XML encoding of a message in the Playready module, a buffer overread may occur if the message passed is large.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2015-9206
-
cpe:2.3:h:qualcomm:msm8909w:-
-
cpe:2.3:h:qualcomm:sd_205:-
-
cpe:2.3:h:qualcomm:sd_210:-
-
cpe:2.3:h:qualcomm:sd_212:-
-
cpe:2.3:h:qualcomm:sd_400:-
-
cpe:2.3:h:qualcomm:sd_410:-
-
cpe:2.3:h:qualcomm:sd_412:-
-
cpe:2.3:h:qualcomm:sd_415:-
-
cpe:2.3:h:qualcomm:sd_615:-
-
cpe:2.3:h:qualcomm:sd_616:-
-
cpe:2.3:h:qualcomm:sd_617:-
-
cpe:2.3:h:qualcomm:sd_650:-
-
cpe:2.3:h:qualcomm:sd_652:-
-
cpe:2.3:h:qualcomm:sd_808:-
-
cpe:2.3:h:qualcomm:sd_810:-
-
cpe:2.3:o:qualcomm:msm8909w_firmware:-
-
cpe:2.3:o:qualcomm:sd_205_firmware:-
-
cpe:2.3:o:qualcomm:sd_210_firmware:-
-
cpe:2.3:o:qualcomm:sd_212_firmware:-
-
cpe:2.3:o:qualcomm:sd_400_firmware:-
-
cpe:2.3:o:qualcomm:sd_410_firmware:-
-
cpe:2.3:o:qualcomm:sd_412_firmware:-
-
cpe:2.3:o:qualcomm:sd_415_firmware:-
-
cpe:2.3:o:qualcomm:sd_615_firmware:-
-
cpe:2.3:o:qualcomm:sd_616_firmware:-
-
cpe:2.3:o:qualcomm:sd_617_firmware:-
-
cpe:2.3:o:qualcomm:sd_650_firmware:-
-
cpe:2.3:o:qualcomm:sd_652_firmware:-
-
cpe:2.3:o:qualcomm:sd_808_firmware:-
-
cpe:2.3:o:qualcomm:sd_810_firmware:-