{ "name": "CVE-2015-3874", "CVE": [ [ "CVE-2015-3874", "Bulletin-CVE-2015-3874" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Remote Code Execution Vulnerabilities in Sonivox" ], "Details": [ [ "The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323.", "NIST-CVE-2015-3874" ] ], "Discovered_on": [], "Discovered_by": [], "Submission": [ { "by": "dcc52", "on": "2019-07-29" } ], "Reported_on": [ [ "2015-10-01", "Bulletin-CVE-2015-3874" ] ], "Fixed_on": [ [ "2015-08-21", "2" ] ], "Fix_released_on": [], "Affected_versions": [ [ "5.1 and below", "Bulletin-CVE-2015-3874" ] ], "Affected_devices": [], "Affected_versions_regexp": [ "([1-4]\\.[0-9]\\.[0-9])|(5\\.[0-1]\\.[0-9])" ], "Affected_manufacturers": [ [ "all", "Bulletin-CVE-2015-3874" ] ], "Fixed_versions": [], "Fixed_versions_regexp": [ "" ], "references": { "ANDROID-23335715": { "url": "https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/8cbef48ba6e3d3f844b895f8ca1a1aee74414fff" }, "ANDROID-23307276": { "url": "https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/5d2e7de37d4a28cf25cc5d0c64b3a29c1824dc0a" }, "2": { "url": "https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/f333a822c38c3d92f40e8f1686348e6a62c291" }, "ANDROID-23286323": { "url": "https://android.googlesource.com/platform%2Fexternal%2Fsonivox/+/8a9f53ee2c661e8b5b94d6e9fbb8af3baa34310d" }, "NIST-CVE-2015-3874": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2015-3874": { "url": "https://source.android.com/security/bulletin/2015-10-01.html" } }, "Surface": [ "remote" ], "Vector": [ "memory-corruption" ], "Target": [ "system-component" ], "Channel": [ "remote" ], "Condition": [ "malicious-file-viewed" ], "Privilege": [ "system" ], "CWE": [ [ "CWE-119", "NIST-CVE-2015-3874" ] ] }