Vulnerabilities > Google > Android > 5.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-10-06 | CVE-2015-3868 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23270724. | 10.0 |
| 2015-10-06 | CVE-2015-3867 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23213430. | 10.0 |
| 2015-10-06 | CVE-2015-3865 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463. | 9.3 |
| 2015-10-06 | CVE-2015-3862 | Unspecified vulnerability in Google Android mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22954006. | 5.0 |
| 2015-10-06 | CVE-2015-3847 | Permissions, Privileges, and Access Controls vulnerability in Google Android Bluetooth in Android before 5.1.1 LMY48T allows attackers to remove stored SMS messages via a crafted application, aka internal bug 22343270. | 6.4 |
| 2015-10-06 | CVE-2015-3823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999. | 10.0 |
| 2015-10-02 | CVE-2015-6602 | Improper Input Validation vulnerability in Google Android libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x. | 9.3 |
| 2015-10-02 | CVE-2015-3876 | Improper Input Validation vulnerability in Google Android libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file. | 9.3 |
| 2015-10-01 | CVE-2015-6575 | Numeric Errors vulnerability in Google Android SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted atoms in MP4 data, aka internal bug 20139950, a different vulnerability than CVE-2015-1538. | 10.0 |
| 2015-10-01 | CVE-2015-3864 | Numeric Errors vulnerability in Google Android Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. | 10.0 |