Details of VAR-201603-0118

ID

VAR-201603-0118

CVE

CVE-2016-1621

TITLE

Android Media server libvpx Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-001810

DESCRIPTION

libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792. GoogleNexus is a series of smart devices based on the Android operating system developed by Google Inc. of the United States, including mobile phones and tablets. The smart device is powered by Google and licensed to partner hardware vendors for manufacturing. A security vulnerability exists in mediaservers prior to GoogleNexusBuildsLMY49H. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201603-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: March 12, 2016 Bugs: #555640, #559384, #561448, #563098, #565510, #567308, #567870, #568396, #572542, #574416, #575434, #576354, #576858 ID: 201603-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Background ========== Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 49.0.2623.87 >= 49.0.2623.87 Description =========== Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-49.0.2623.87" References ========== [ 1 ] CVE-2015-1270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1270 [ 2 ] CVE-2015-1271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1271 [ 3 ] CVE-2015-1272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1272 [ 4 ] CVE-2015-1273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1273 [ 5 ] CVE-2015-1274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1274 [ 6 ] CVE-2015-1275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1275 [ 7 ] CVE-2015-1276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1276 [ 8 ] CVE-2015-1277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1277 [ 9 ] CVE-2015-1278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1278 [ 10 ] CVE-2015-1279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1279 [ 11 ] CVE-2015-1280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1280 [ 12 ] CVE-2015-1281 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1281 [ 13 ] CVE-2015-1282 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1282 [ 14 ] CVE-2015-1283 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1283 [ 15 ] CVE-2015-1284 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1284 [ 16 ] CVE-2015-1285 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1285 [ 17 ] CVE-2015-1286 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1286 [ 18 ] CVE-2015-1287 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1287 [ 19 ] CVE-2015-1288 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1288 [ 20 ] CVE-2015-1289 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1289 [ 21 ] CVE-2015-1291 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1291 [ 22 ] CVE-2015-1292 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1292 [ 23 ] CVE-2015-1293 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1293 [ 24 ] CVE-2015-1294 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1294 [ 25 ] CVE-2015-1295 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1295 [ 26 ] CVE-2015-1296 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1296 [ 27 ] CVE-2015-1297 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1297 [ 28 ] CVE-2015-1298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1298 [ 29 ] CVE-2015-1299 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1299 [ 30 ] CVE-2015-1300 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1300 [ 31 ] CVE-2015-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1302 [ 32 ] CVE-2015-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1303 [ 33 ] CVE-2015-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1304 [ 34 ] CVE-2015-6755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6755 [ 35 ] CVE-2015-6756 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6756 [ 36 ] CVE-2015-6757 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6757 [ 37 ] CVE-2015-6758 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6758 [ 38 ] CVE-2015-6759 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6759 [ 39 ] CVE-2015-6760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6760 [ 40 ] CVE-2015-6761 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6761 [ 41 ] CVE-2015-6762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6762 [ 42 ] CVE-2015-6763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6763 [ 43 ] CVE-2015-6764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6764 [ 44 ] CVE-2015-6765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6765 [ 45 ] CVE-2015-6766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6766 [ 46 ] CVE-2015-6767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6767 [ 47 ] CVE-2015-6768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6768 [ 48 ] CVE-2015-6769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6769 [ 49 ] CVE-2015-6770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6770 [ 50 ] CVE-2015-6771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6771 [ 51 ] CVE-2015-6772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6772 [ 52 ] CVE-2015-6773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6773 [ 53 ] CVE-2015-6774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6774 [ 54 ] CVE-2015-6775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6775 [ 55 ] CVE-2015-6776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6776 [ 56 ] CVE-2015-6777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6777 [ 57 ] CVE-2015-6778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6778 [ 58 ] CVE-2015-6779 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6779 [ 59 ] CVE-2015-6780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6780 [ 60 ] CVE-2015-6781 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6781 [ 61 ] CVE-2015-6782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6782 [ 62 ] CVE-2015-6783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6783 [ 63 ] CVE-2015-6784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6784 [ 64 ] CVE-2015-6785 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6785 [ 65 ] CVE-2015-6786 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6786 [ 66 ] CVE-2015-6787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6787 [ 67 ] CVE-2015-6788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6788 [ 68 ] CVE-2015-6789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6789 [ 69 ] CVE-2015-6790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6790 [ 70 ] CVE-2015-6791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6791 [ 71 ] CVE-2015-6792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6792 [ 72 ] CVE-2015-8126 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8126 [ 73 ] CVE-2016-1612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1612 [ 74 ] CVE-2016-1613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1613 [ 75 ] CVE-2016-1614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1614 [ 76 ] CVE-2016-1615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1615 [ 77 ] CVE-2016-1616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1616 [ 78 ] CVE-2016-1617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1617 [ 79 ] CVE-2016-1618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1618 [ 80 ] CVE-2016-1619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1619 [ 81 ] CVE-2016-1620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1620 [ 82 ] CVE-2016-1621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1621 [ 83 ] CVE-2016-1622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1622 [ 84 ] CVE-2016-1623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1623 [ 85 ] CVE-2016-1624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1624 [ 86 ] CVE-2016-1625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1625 [ 87 ] CVE-2016-1626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1626 [ 88 ] CVE-2016-1627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1627 [ 89 ] CVE-2016-1628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1628 [ 90 ] CVE-2016-1629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1629 [ 91 ] CVE-2016-1630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1630 [ 92 ] CVE-2016-1631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1631 [ 93 ] CVE-2016-1632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1632 [ 94 ] CVE-2016-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1633 [ 95 ] CVE-2016-1634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1634 [ 96 ] CVE-2016-1635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1635 [ 97 ] CVE-2016-1636 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1636 [ 98 ] CVE-2016-1637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1637 [ 99 ] CVE-2016-1638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1638 [ 100 ] CVE-2016-1639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1639 [ 101 ] CVE-2016-1640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1640 [ 102 ] CVE-2016-1641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1641 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-09 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.34

sources: NVD: CVE-2016-1621 // JVNDB: JVNDB-2016-001810 // CNVD: CNVD-2016-01543 // VULMON: CVE-2016-1621 // PACKETSTORM: 136204

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-01543

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	eq	version:	5.0.2	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	6.0.1	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	5.1.0	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	5.1	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	6.0	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	5.0.1	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	4.4.3	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	4.4.2	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	5.1.1	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	5.0	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	4.0	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.4	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.1.2	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.1	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.0.2	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.2	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.3	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.0.4	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.2.2	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.4.1	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.3.1	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.0.3	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	4.2.1	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	5.1.1 lmy49h	Trust: 0.8
vendor:	google	model:	android	scope:	lt	version:	5.x	Trust: 0.8
vendor:	google	model:	android	scope:	lt	version:	2016-03-01 earlier 6.x	Trust: 0.8
vendor:	google	model:	android	scope:	eq	version:	4.4.4	Trust: 0.8
vendor:	google	model:	android	scope:	lt	version:	4.x	Trust: 0.8
vendor:	google	model:	nexus lmy49h	scope:	lt	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-01543 // JVNDB: JVNDB-2016-001810 // CNNVD: CNNVD-201603-092 // NVD: CVE-2016-1621

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1621
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-1621
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-01543
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201603-092
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2016-1621
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-1621
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-01543
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2016-1621
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: CNVD: CNVD-2016-01543 // VULMON: CVE-2016-1621 // JVNDB: JVNDB-2016-001810 // CNNVD: CNNVD-201603-092 // NVD: CVE-2016-1621

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2016-001810 // NVD: CVE-2016-1621

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 136204 // CNNVD: CNNVD-201603-092

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201603-092

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001810

PATCH

title:	DO NOT MERGE - Remove deprecated image defines	url:	https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55	Trust: 0.8
title:	libwebm: Pull from upstream	url:	https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d	Trust: 0.8
title:	Merge Conflict Fix CL to lmp-mr1-release for ag/849478	url:	https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426	Trust: 0.8
title:	Nexus Security Bulletin - March 2016	url:	http://source.android.com/security/bulletin/2016-03-01.html	Trust: 0.8
title:	GoogleNexusmediaserver memory corruption vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/72457	Trust: 0.6
title:	Android mediaserver Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60452	Trust: 0.6
title:	Red Hat: CVE-2016-1621	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-1621	Trust: 0.1
title:	Android Security Bulletins: Nexus Security Bulletin - March 2016	url:	https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=bdec4bc902496de72a50f4fbaa9a726a	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/google-fixes-critical-android-mediaserver-bugs-again/116614/	Trust: 0.1

sources: CNVD: CNVD-2016-01543 // VULMON: CVE-2016-1621 // JVNDB: JVNDB-2016-001810 // CNNVD: CNNVD-201603-092

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1621	Trust: 3.2
db:	SECUNIA	id:	69391	Trust: 1.2
db:	BID	id:	84239	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-001810	Trust: 0.8
db:	CNVD	id:	CNVD-2016-01543	Trust: 0.6
db:	CNNVD	id:	CNNVD-201603-092	Trust: 0.6
db:	VULMON	id:	CVE-2016-1621	Trust: 0.1
db:	PACKETSTORM	id:	136204	Trust: 0.1

sources: CNVD: CNVD-2016-01543 // VULMON: CVE-2016-1621 // JVNDB: JVNDB-2016-001810 // PACKETSTORM: 136204 // CNNVD: CNNVD-201603-092 // NVD: CVE-2016-1621

REFERENCES

url:	http://source.android.com/security/bulletin/2016-03-01.html	Trust: 2.4
url:	https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426	Trust: 1.7
url:	https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d	Trust: 1.7
url:	https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55	Trust: 1.7
url:	http://secunia.com/advisories/69391	Trust: 1.2
url:	http://www.securityfocus.com/bid/84239	Trust: 1.2
url:	https://security.gentoo.org/glsa/201603-09	Trust: 1.2
url:	http://lists.fedoraproject.org/pipermail/package-announce/2016-march/179128.html	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1621	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1621	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-1621	Trust: 0.1
url:	https://threatpost.com/google-fixes-critical-android-mediaserver-bugs-again/116614/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1625	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1276	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1295	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6768	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1273	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6792	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6761	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1617	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1278	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1293	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6764	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1285	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1296	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6791	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1274	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6786	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1296	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1288	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1619	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6776	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1613	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6773	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1297	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1615	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1282	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1287	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1284	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6771	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1636	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1621	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1294	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1639	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1278	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1298	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1299	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6781	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1279	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1289	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1272	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6762	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6789	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6763	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6758	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1297	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1618	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8126	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1280	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1632	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1622	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1624	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1281	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1270	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1637	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1277	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1289	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1291	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1283	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1295	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1286	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1279	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1287	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1304	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1292	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1620	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1271	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1293	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6757	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6770	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6774	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1294	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1614	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6783	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1280	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6787	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6790	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1281	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6766	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1612	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1303	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6765	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1284	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6785	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6756	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1634	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6760	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1633	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1626	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6782	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6767	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6780	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1288	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1302	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1628	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6788	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1292	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1275	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1627	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6775	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1272	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1616	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1629	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6778	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6784	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6769	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1277	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1300	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6772	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1275	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1273	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6759	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6777	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1638	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1291	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1285	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1286	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1631	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1298	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6755	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1283	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1282	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1271	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1270	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1276	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1630	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1274	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6779	Trust: 0.1

sources: CNVD: CNVD-2016-01543 // VULMON: CVE-2016-1621 // JVNDB: JVNDB-2016-001810 // PACKETSTORM: 136204 // CNNVD: CNNVD-201603-092 // NVD: CVE-2016-1621

CREDITS

Gentoo

Trust: 0.1

sources: PACKETSTORM: 136204

SOURCES

db:	CNVD	id:	CNVD-2016-01543
db:	VULMON	id:	CVE-2016-1621
db:	JVNDB	id:	JVNDB-2016-001810
db:	PACKETSTORM	id:	136204
db:	CNNVD	id:	CNNVD-201603-092
db:	NVD	id:	CVE-2016-1621

LAST UPDATE DATE

2025-04-13T22:29:38.681000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-01543	date:	2016-03-10T00:00:00
db:	VULMON	id:	CVE-2016-1621	date:	2016-12-03T00:00:00
db:	JVNDB	id:	JVNDB-2016-001810	date:	2016-03-22T00:00:00
db:	CNNVD	id:	CNNVD-201603-092	date:	2016-03-14T00:00:00
db:	NVD	id:	CVE-2016-1621	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-01543	date:	2016-03-10T00:00:00
db:	VULMON	id:	CVE-2016-1621	date:	2016-03-12T00:00:00
db:	JVNDB	id:	JVNDB-2016-001810	date:	2016-03-22T00:00:00
db:	PACKETSTORM	id:	136204	date:	2016-03-14T14:51:21
db:	CNNVD	id:	CNNVD-201603-092	date:	2016-03-09T00:00:00
db:	NVD	id:	CVE-2016-1621	date:	2016-03-12T21:59:17.823