Vulnerabilities > CVE-2016-0824 - 7PK - Security Features vulnerability in Google Android 6.0/6.0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Common Weakness Enumeration (CWE)
References
- http://source.android.com/security/bulletin/2016-03-01.html
- http://source.android.com/security/bulletin/2016-03-01.html
- http://www.securityfocus.com/bid/84262
- http://www.securityfocus.com/bid/84262
- https://android.googlesource.com/platform/external/libmpeg2/+/ffab15eb80630dc799eb410855c93525b75233c3
- https://android.googlesource.com/platform/external/libmpeg2/+/ffab15eb80630dc799eb410855c93525b75233c3