Google: >> Android >> 5.1.1 Security Vulnerabilities
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
CVSS Score
5.5
EPSS Score
0.027
Published
2017-06-14
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34819017.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-14
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-35645051.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-14
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-35472997.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-14
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-14
An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36392138.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-14
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.
CVSS Score
7.8
EPSS Score
0.017
Published
2017-06-14
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13