Vulnerabilities > CVE-2016-3765 - Resource Management Errors vulnerability in Google Android 6.0/6.0.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
HIGH Summary
decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before 2016-07-01 allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted application, aka internal bug 28168413.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Common Weakness Enumeration (CWE)
References
- http://source.android.com/security/bulletin/2016-07-01.html
- http://source.android.com/security/bulletin/2016-07-01.html
- https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597
- https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597