Sign-up

ID

VAR-201603-0021


CVE

CVE-2016-0815


TITLE

Android Media server libstagefright of MPEG4Extractor.cpp Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-001793

DESCRIPTION

The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26365349. GoogleNexus is a series of smart devices based on the Android operating system developed by Google Inc. of the United States, including mobile phones and tablets. The smart device is powered by Google and licensed to partner hardware vendors for manufacturing. A security vulnerability exists in Mediaservers prior to GoogleNexusBuildsLMY49H

Trust: 2.25

sources: NVD: CVE-2016-0815 // JVNDB: JVNDB-2016-001793 // CNVD: CNVD-2016-01544 // VULMON: CVE-2016-0815

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-01544

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:6.0.1

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.0.3

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.0.4

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:6.0

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.1.2

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.0.2

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.0.1

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.0

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:5.1.1

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.1

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:4.4

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:5.0.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:5.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:5.1.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.2

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.3

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.4.2

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.4.3

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:5.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.2.2

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.4.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.3.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:5.0.2

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:4.2.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:5.1.1 lmy49h

Trust: 0.8

vendor:googlemodel:androidscope:ltversion:5.x

Trust: 0.8

vendor:googlemodel:androidscope:ltversion:2016-03-01 earlier 6.x

Trust: 0.8

vendor:googlemodel:androidscope:eqversion:4.4.4

Trust: 0.8

vendor:googlemodel:androidscope:ltversion:4.x

Trust: 0.8

vendor:googlemodel:nexus lmy49hscope:ltversion: -

Trust: 0.6

sources: CNVD: CNVD-2016-01544 // JVNDB: JVNDB-2016-001793 // CNNVD: CNNVD-201603-088 // NVD: CVE-2016-0815

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-0815
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-0815
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-01544
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201603-088
value: CRITICAL

Trust: 0.6

VULMON: CVE-2016-0815
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-0815
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2016-01544
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2016-0815
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2016-01544 // VULMON: CVE-2016-0815 // JVNDB: JVNDB-2016-001793 // CNNVD: CNNVD-201603-088 // NVD: CVE-2016-0815

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2016-001793 // NVD: CVE-2016-0815

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201603-088

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201603-088

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-001793

PATCH
title:Fix out-of-bounds writeurl:https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5403587a74aee2fb57076528c3927851531c8afb
Trust: 0.8
title:Nexus Security Bulletin - March 2016url:http://source.android.com/security/bulletin/2016-03-01.html
Trust: 0.8
title:Patch for GoogleNexusMediaserver Denial of Service Vulnerability (CNVD-2016-01544)url:https://www.cnvd.org.cn/patchInfo/show/72456
Trust: 0.6
title:Android mediaserver libstagefright Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60448
Trust: 0.6
title:Android Security Bulletins: Nexus Security Bulletin - March 2016url:https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=bdec4bc902496de72a50f4fbaa9a726a
Trust: 0.1
title:Threatposturl:https://threatpost.com/google-fixes-critical-android-mediaserver-bugs-again/116614/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01544 // 
            
            
            
            VULMON: CVE-2016-0815 // 
            
            
            
            JVNDB: JVNDB-2016-001793 // 
            
            
            
            CNNVD: CNNVD-201603-088

EXTERNAL IDS
db:NVDid:CVE-2016-0815
Trust: 3.1
db:SECUNIAid:69391
Trust: 1.2
db:BIDid:84235
Trust: 1.1
db:JVNDBid:JVNDB-2016-001793
Trust: 0.8
db:CNVDid:CNVD-2016-01544
Trust: 0.6
db:CNNVDid:CNNVD-201603-088
Trust: 0.6
db:VULMONid:CVE-2016-0815
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01544 // 
            
            
            
            VULMON: CVE-2016-0815 // 
            
            
            
            JVNDB: JVNDB-2016-001793 // 
            
            
            
            CNNVD: CNNVD-201603-088 // 
            
            
            
            NVD: CVE-2016-0815

REFERENCES
url:http://source.android.com/security/bulletin/2016-03-01.html
Trust: 2.4
url:https://android.googlesource.com/platform%2fframeworks%2fav/+/5403587a74aee2fb57076528c3927851531c8afb
Trust: 1.7
url:http://secunia.com/advisories/69391
Trust: 1.2
url:http://www.securityfocus.com/bid/84235
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0815
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0815
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://www.rapid7.com/db/vulnerabilities/google-android-cve-2016-0815
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/google-fixes-critical-android-mediaserver-bugs-again/116614/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01544 // 
            
            
            
            VULMON: CVE-2016-0815 // 
            
            
            
            JVNDB: JVNDB-2016-001793 // 
            
            
            
            CNNVD: CNNVD-201603-088 // 
            
            
            
            NVD: CVE-2016-0815

SOURCES
db:CNVDid:CNVD-2016-01544
db:VULMONid:CVE-2016-0815
db:JVNDBid:JVNDB-2016-001793
db:CNNVDid:CNNVD-201603-088
db:NVDid:CVE-2016-0815

LAST UPDATE DATE
2025-04-13T22:44:39.884000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-01544date:2016-03-10T00:00:00
db:VULMONid:CVE-2016-0815date:2016-11-28T00:00:00
db:JVNDBid:JVNDB-2016-001793date:2016-03-22T00:00:00
db:CNNVDid:CNNVD-201603-088date:2016-03-14T00:00:00
db:NVDid:CVE-2016-0815date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-01544date:2016-03-10T00:00:00
db:VULMONid:CVE-2016-0815date:2016-03-12T00:00:00
db:JVNDBid:JVNDB-2016-001793date:2016-03-22T00:00:00
db:CNNVDid:CNNVD-201603-088date:2016-03-09T00:00:00
db:NVDid:CVE-2016-0815date:2016-03-12T21:59:00.117