Details of VAR-201603-0022

ID

VAR-201603-0022

CVE

CVE-2016-0816

TITLE

Android Vulnerabilities in arbitrary media servers that allow arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-001794

DESCRIPTION

mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka internal bug 25928803. GoogleNexus is a series of smart devices based on the Android operating system developed by Google Inc. of the United States, including mobile phones and tablets. The smart device is powered by Google and licensed to partner hardware vendors for manufacturing. A security vulnerability exists in Mediaservers prior to GoogleNexusBuildsLMY49H

Trust: 2.25

sources: NVD: CVE-2016-0816 // JVNDB: JVNDB-2016-001794 // CNVD: CNVD-2016-01546 // VULMON: CVE-2016-0816

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-01546

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	eq	version:	6.0.1	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	6.0	Trust: 1.6
vendor:	google	model:	android	scope:	lt	version:	2016-03-01 earlier 6.x	Trust: 0.8
vendor:	google	model:	nexus lmy49h	scope:	lt	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-01546 // JVNDB: JVNDB-2016-001794 // CNNVD: CNNVD-201603-089 // NVD: CVE-2016-0816

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-0816
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-0816
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-01546
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201603-089
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2016-0816
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-0816
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-01546
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2016-0816
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: CNVD: CNVD-2016-01546 // VULMON: CVE-2016-0816 // JVNDB: JVNDB-2016-001794 // CNNVD: CNNVD-201603-089 // NVD: CVE-2016-0816

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2016-001794 // NVD: CVE-2016-0816

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201603-089

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201603-089

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001794

PATCH

title:	Decoder Update mb count after mb map is set.	url:	https://android.googlesource.com/platform/external/libavc/+/4a524d3a8ae9aa20c36430008e6bd429443f8f1d	Trust: 0.8
title:	Nexus Security Bulletin - March 2016	url:	http://source.android.com/security/bulletin/2016-03-01.html	Trust: 0.8
title:	GoogleNexusMediaserver denial of service vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/72458	Trust: 0.6
title:	Android mediaserver Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60449	Trust: 0.6
title:	Android Security Bulletins: Nexus Security Bulletin - March 2016	url:	https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=bdec4bc902496de72a50f4fbaa9a726a	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/google-fixes-critical-android-mediaserver-bugs-again/116614/	Trust: 0.1

sources: CNVD: CNVD-2016-01546 // VULMON: CVE-2016-0816 // JVNDB: JVNDB-2016-001794 // CNNVD: CNNVD-201603-089

EXTERNAL IDS

db:	NVD	id:	CVE-2016-0816	Trust: 3.1
db:	SECUNIA	id:	69391	Trust: 1.2
db:	BID	id:	84235	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-001794	Trust: 0.8
db:	CNVD	id:	CNVD-2016-01546	Trust: 0.6
db:	CNNVD	id:	CNNVD-201603-089	Trust: 0.6
db:	VULMON	id:	CVE-2016-0816	Trust: 0.1

sources: CNVD: CNVD-2016-01546 // VULMON: CVE-2016-0816 // JVNDB: JVNDB-2016-001794 // CNNVD: CNNVD-201603-089 // NVD: CVE-2016-0816

REFERENCES

url:	http://source.android.com/security/bulletin/2016-03-01.html	Trust: 2.4
url:	https://android.googlesource.com/platform/external/libavc/+/4a524d3a8ae9aa20c36430008e6bd429443f8f1d	Trust: 1.7
url:	http://secunia.com/advisories/69391	Trust: 1.2
url:	http://www.securityfocus.com/bid/84235	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0816	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0816	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/google-fixes-critical-android-mediaserver-bugs-again/116614/	Trust: 0.1

sources: CNVD: CNVD-2016-01546 // VULMON: CVE-2016-0816 // JVNDB: JVNDB-2016-001794 // CNNVD: CNNVD-201603-089 // NVD: CVE-2016-0816

SOURCES

db:	CNVD	id:	CNVD-2016-01546
db:	VULMON	id:	CVE-2016-0816
db:	JVNDB	id:	JVNDB-2016-001794
db:	CNNVD	id:	CNNVD-201603-089
db:	NVD	id:	CVE-2016-0816

LAST UPDATE DATE

2025-04-13T22:29:39.692000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-01546	date:	2016-03-10T00:00:00
db:	VULMON	id:	CVE-2016-0816	date:	2016-11-28T00:00:00
db:	JVNDB	id:	JVNDB-2016-001794	date:	2016-03-22T00:00:00
db:	CNNVD	id:	CNNVD-201603-089	date:	2016-03-14T00:00:00
db:	NVD	id:	CVE-2016-0816	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-01546	date:	2016-03-10T00:00:00
db:	VULMON	id:	CVE-2016-0816	date:	2016-03-12T00:00:00
db:	JVNDB	id:	JVNDB-2016-001794	date:	2016-03-22T00:00:00
db:	CNNVD	id:	CNNVD-201603-089	date:	2016-03-09T00:00:00
db:	NVD	id:	CVE-2016-0816	date:	2016-03-12T21:59:01.557