Security News > 2015 > September > Attack code for critical Android Stagefright flaw published (Help Net Security)
2015-09-10 09:34
After having graciously waited for quite a while to publish the exploit for the Android Stagefright vulnerability (CVE-2015-1538) so that Google, mobile carriers and device manufacturers might push ou...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/kRrVMjxnZIA/secworld.php
Related news
- Google fixes two Android zero-days used in targeted attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Major security audit of critical FreeBSD components now available (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-10-01 | CVE-2015-1538 | Numeric Errors vulnerability in Google Android Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496. | 0.0 |