• HOME

  • ABOUT US

  • SERVICES

  • CONTACT

  • KNOWLEDGE

  • BUY ONLINE

  • More

    CYBER SECURITY ASSESSMENTS // PENETRATION TESTING // DATA SECURITY // IT SECURITY // SECURITY AUDITS // DIGITAL FORENSICS // CYBER INTELLIGENCE

                                      2016 VULNERABILITY DATABASE

     

     

     

    CVE-2016-2453

    Summary: The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705.

    Published: 5/9/2016 6:59:31 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2452

    Summary: codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 27662364 and 27843673.

    Published: 5/9/2016 6:59:30 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2451

    Summary: codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27597103.

    Published: 5/9/2016 6:59:28 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2450

    Summary: codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27569635.

    Published: 5/9/2016 6:59:27 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2449

    Summary: services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate template IDs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27568958.

    Published: 5/9/2016 6:59:26 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2448

    Summary: media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27533704.

    Published: 5/9/2016 6:59:25 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2446

    Summary: The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.

    Published: 5/9/2016 6:59:24 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2445

    Summary: The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.

    Published: 5/9/2016 6:59:23 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2444

    Summary: The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.

    Published: 5/9/2016 6:59:21 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2443

    Summary: The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525.

    Published: 5/9/2016 6:59:20 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2442

    Summary: The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907.

    Published: 5/9/2016 6:59:19 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2441

    Summary: The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602.

    Published: 5/9/2016 6:59:18 AM

     

    CVSS Severity: v3 - 7.0 HIGH      v2 - 7.6 HIGH

     

    CVE-2016-2440

    Summary: libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bug 27252896.

    Published: 5/9/2016 6:59:17 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2439

    Summary: Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268.

    Published: 5/9/2016 6:59:16 AM

     

    CVSS Severity: v3 - 8.8 HIGH      v2 - 5.4 MEDIUM

     

    CVE-2016-2437

    Summary: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.

    Published: 5/9/2016 6:59:14 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2436

    Summary: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.

    Published: 5/9/2016 6:59:13 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2435

    Summary: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.

    Published: 5/9/2016 6:59:11 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2434

    Summary: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.

    Published: 5/9/2016 6:59:10 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2432

    Summary: The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.

    Published: 5/9/2016 6:59:09 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2016-2431

    Summary: The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809.

    Published: 5/9/2016 6:59:08 AM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

     

    <<< New  Older >>>

     

    Trojan 1 | PCI Compliance | HIPAA Compliance | GLBA Compliance | GDPR Compliance | Penetration Testing | Web Application Assessment | Corporate Security Assessment | Cyber Threat Intelligence 24 / 7

     

    Cyber Breach Lawyers | Vulnerability Assessments | CISO On Demand | Black Ops | Secure Cloud | Personal Security Assessments | Small Business IT Security  | NY Cybersecurity Rule 23 NYCRR 500

     

    Ethical Hacking for Small Businesses | IT Compliance Small Business | Security Breach Management Solutions | Big Data Security | Corporate Randsomware

     

    Website Security for Small Businesses | Security Consulting Services | Enterprise Security Services | Drone & Robotic IT Security

     

    Complete IT/Cyber Security Assessment |  Security Governance Services | Security & Risk Management | Digital Forensics

     

    Social Engineering Testing  | Cyber Liability Insurance | Data Centers Transformation & Security | Secure Access and Continuity Solutions

     

    Mobility Management  & Security | Network Management  Security Solutions | EndPoint Security Solutions |  National Vulnerability Database

    2200 PENNSYLVANIA AVENUE | NW | 4TH FLOOR EAST​ | WASHINGTON, D.C. 20037​

    ​​Tel: 202.507.5773 | Fax: 202.507.5601​ |  ContactUs@TrojanHorseSecurity.com

     

    • s-linkedin
    • s-facebook
    • Google Metallic
    • YouTube Metallic
    • Pinterest Metallic
    • s-tbird

    © 2020  TROJAN HORSE SECURITY INC

    • HOME

    • ABOUT US

    • SERVICES

    • CONTACT

    • KNOWLEDGE

    • BUY ONLINE

    • More