Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 2.1  Security Vulnerabilities
CVE-2015-3870
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22771132.
CVSS Score
10.0
EPSS Score
0.01
Published
2015-10-06
CVE-2015-3868
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23270724.
CVSS Score
10.0
EPSS Score
0.044
Published
2015-10-06
CVE-2015-3867
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23213430.
CVSS Score
10.0
EPSS Score
0.015
Published
2015-10-06
CVE-2015-3865
The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463.
CVSS Score
9.3
EPSS Score
0.002
Published
2015-10-06
CVE-2015-3862
mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22954006.
CVSS Score
5.0
EPSS Score
0.001
Published
2015-10-06
CVE-2015-3847
Bluetooth in Android before 5.1.1 LMY48T allows attackers to remove stored SMS messages via a crafted application, aka internal bug 22343270.
CVSS Score
6.4
EPSS Score
0.001
Published
2015-10-06
CVE-2015-3823
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.
CVSS Score
10.0
EPSS Score
0.01
Published
2015-10-06
CVE-2015-6602
libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x.
CVSS Score
9.3
EPSS Score
0.018
Published
2015-10-02
CVE-2015-3876
libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file.
CVSS Score
9.3
EPSS Score
0.046
Published
2015-10-02
CVE-2015-6575
SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted atoms in MP4 data, aka internal bug 20139950, a different vulnerability than CVE-2015-1538. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-7915, CVE-2014-7916, and/or CVE-2014-7917.
CVSS Score
10.0
EPSS Score
0.186
Published
2015-10-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved