Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-04-18 CVE-2016-0837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621.
network
low complexity
google CWE-119
critical
9.8
2016-04-18 CVE-2016-0838 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a negative number of samples, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to arm-wt-22k/lib_src/eas_wtengine.c and arm-wt-22k/lib_src/eas_wtsynth.c, aka internal bug 26366256.
network
low complexity
google CWE-119
critical
9.8
2016-04-18 CVE-2016-0839 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 6.0/6.0.1
post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25753245.
network
low complexity
google CWE-119
critical
9.8
2016-04-18 CVE-2016-0841 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mishandles cleared service binders, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26040840.
network
low complexity
google CWE-119
critical
9.8
2016-04-18 CVE-2016-1503 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634.
network
low complexity
dhcpcd-project google CWE-119
critical
9.8
2016-04-18 CVE-2016-2416 Permissions, Privileges, and Access Controls vulnerability in Google Android
libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via a dump request, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27046057.
network
low complexity
google CWE-264
critical
9.8
2016-04-18 CVE-2016-2417 Permissions, Privileges, and Access Controls vulnerability in Google Android
media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26914474.
network
low complexity
google CWE-264
critical
9.8
2016-04-18 CVE-2016-2418 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 6.0/6.0.1
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324358.
network
low complexity
google CWE-119
critical
9.8
2016-04-18 CVE-2016-2419 Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26323455.
network
low complexity
google CWE-264
critical
9.8
2016-03-12 CVE-2016-0815 Improper Input Validation vulnerability in Google Android
The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26365349.
network
low complexity
google CWE-20
critical
9.8