CVE-2016-3880

MEDIUM Year: 2016
CVSS v3 Score
5.5
Medium
CVSS v2 Score
7.1
High
Weakness Type
CWE-284
View all →

Vulnerability Description

Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 25747670.

Related Vulnerabilities

CVE-2013-7460

MEDIUM
CVSS:5.5(Medium)

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part o...

CWE-2842013

CVE-2013-7461

MEDIUM
CVSS:5.5(Medium)

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write ...

CWE-2842013

CVE-2014-9798

MEDIUM
CVSS:5.5(Medium)

platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attac...

CWE-2842014

CVE-2015-1976

MEDIUM
CVSS:5.5(Medium)

IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.

CWE-2842015

CVE-2015-3840

MEDIUM
CVSS:5.5(Medium)

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" ...

CWE-2842015

CVE-2015-7895

MEDIUM
CVSS:5.5(Medium)

Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

CWE-2842015