|
274781
|
- |
|
google
|
android
|
The checkDestination function in internal/telephony/SMSDispatcher.java in Android before 5.1.1 LMY48M relies on an obsolete permission name for an authorization check, which allows attackers to bypas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3858
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274782
|
- |
|
google
|
android
|
The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3849
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274783
|
- |
|
google
|
android
|
The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3845
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274784
|
- |
|
google
|
android
|
The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect proce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3844
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274785
|
- |
|
google
|
android
|
The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows attackers to (1) intercept or (2) emulate unspecified Telephony STK SIM commands via an application that sends a crafted Intent, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3843
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274786
|
- |
|
google
|
android
|
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3842
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274787
|
- |
|
google
|
android
|
The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which a…
|
CWE-20
Improper Input Validation
|
CVE-2015-3837
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274788
|
- |
|
google
|
android
|
The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows rem…
|
CWE-189
Numeric Errors
|
CVE-2015-3836
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274789
|
- |
|
google
|
android
|
Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OMXNodeInstance.cpp in libstagefright in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted appli…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3835
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274790
|
- |
|
google
|
android
|
Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted appl…
|
CWE-189
Numeric Errors
|
CVE-2015-3834
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
