{ "name": "CVE-2015-3828", "CVE": [ [ "CVE-2015-3828", "Bulletin-CVE-2015-3828" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Integer underflow in libstagefright if size is below 6 while processing 3GPP metadata" ], "Details": [ [ "The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3826.", "NIST-CVE-2015-3828" ] ], "Discovered_on": [], "Discovered_by": [], "Submission": [ { "by": "dcc52", "on": "2019-07-29" } ], "Reported_on": [ [ "2015-08-01", "Bulletin-CVE-2015-3828" ] ], "Fixed_on": [ [ "2015-05-04", "ANDROID-20923261" ] ], "Fix_released_on": [], "Affected_versions": [ [ "5.0 and above", "Bulletin-CVE-2015-3828" ] ], "Affected_devices": [], "Affected_versions_regexp": [ "5\\.[0-1]\\.[0-9]" ], "Affected_manufacturers": [ [ "all", "Bulletin-CVE-2015-3828" ] ], "Fixed_versions": [], "Fixed_versions_regexp": [ "" ], "references": { "ANDROID-20923261": { "url": "https://android.googlesource.com/platform/frameworks/av/+/f4f7e0c102819f039ebb1972b3dba1d3186bc1d1" }, "NIST-CVE-2015-3828": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2015-3828": { "url": "https://source.android.com/security/bulletin/2015-08-01.html" } }, "Surface": [ "remote" ], "Vector": [ "memory-corruption" ], "Target": [ "system-component" ], "Channel": [ "remote" ], "Condition": [ "malicious-file-viewed" ], "Privilege": [ "system" ], "CWE": [ [ "CWE-119", "NIST-CVE-2015-3828" ] ] }