Vulnerabilities > CVE-2015-1474 - Numeric Errors vulnerability in Google Android
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/130778/androidunflatten-overflow.txt |
| id | PACKETSTORM:130778 |
| last seen | 2016-12-05 |
| published | 2015-03-12 |
| reporter | Guang Gong |
| source | https://packetstormsecurity.com/files/130778/Google-Android-Integer-Oveflow-Heap-Corruption.html |
| title | Google Android Integer Oveflow / Heap Corruption |
References
- http://packetstormsecurity.com/files/130778/Google-Android-Integer-Oveflow-Heap-Corruption.html
- http://seclists.org/fulldisclosure/2015/Mar/63
- http://www.securityfocus.com/bid/72788
- http://www.securitytracker.com/id/1031875
- https://android.googlesource.com/platform/frameworks/native/+/38803268570f90e97452cd9a30ac831661829091
- https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf