2016 VULNERABILITY DATABASE

 

 

 

CVE-2016-1503

Summary: dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634.

Published: 4/17/2016 8:59:15 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-0850

Summary: The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to bypass intended pairing restrictions via a crafted device, aka internal bug 26551752.

Published: 4/17/2016 8:59:14 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 5.8 MEDIUM

 

CVE-2016-0849

Summary: Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931.

Published: 4/17/2016 8:59:13 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0848

Summary: Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to bypass private-storage file-access restrictions via a crafted application that changes a symlink target, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26211054.

Published: 4/17/2016 8:59:12 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0847

Summary: The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to spoof the originating telephone number of a call via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26864502.

Published: 4/17/2016 8:59:11 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0846

Summary: libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26877992.

Published: 4/17/2016 8:59:10 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0844

Summary: The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307.

Published: 4/17/2016 8:59:09 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0843

Summary: The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application, aka internal bug 25801197.

Published: 4/17/2016 8:59:08 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0842

Summary: The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation (MMCO) data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25818142.

Published: 4/17/2016 8:59:07 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 10.0 HIGH

 

CVE-2016-0841

Summary: media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mishandles cleared service binders, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26040840.

Published: 4/17/2016 8:59:06 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-0840

Summary: Multiple stack-based buffer underflows in decoder/ih264d_parse_cavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26399350.

Published: 4/17/2016 8:59:05 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 10.0 HIGH

 

CVE-2016-0839

Summary: post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25753245.

Published: 4/17/2016 8:59:04 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-0838

Summary: Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a negative number of samples, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to arm-wt-22k/lib_src/eas_wtengine.c and arm-wt-22k/lib_src/eas_wtsynth.c, aka internal bug 26366256.

Published: 4/17/2016 8:59:03 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-0837

Summary: MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621.

Published: 4/17/2016 8:59:03 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-0836

Summary: Stack-based buffer overflow in decoder/impeg2d_vld.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25812590.

Published: 4/17/2016 8:59:02 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 10.0 HIGH

 

CVE-2016-0835

Summary: decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a certain negative value, aka internal bug 26070014.

Published: 4/17/2016 8:59:01 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-0834

Summary: An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26220548.

Published: 4/17/2016 8:59:00 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 10.0 HIGH

 

CVE-2016-1340

Summary: Heap-based buffer overflow in Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837.

Published: 4/15/2016 9:59:05 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-1339

Summary: Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted arguments on a ucspe-copy command line, aka Bug ID CSCux68832.

Published: 4/15/2016 9:59:04 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2015-5271

Summary: The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.

Published: 4/15/2016 1:59:00 PM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

<<< New  Older >>>