{ "name": "CVE-2015-6636", "CVE": [ [ "CVE-2015-6636", "Bulletin-CVE-2015-6636" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Remote Code Execution Vulnerability in Mediaserver" ], "Details": [ [ "mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670.", "NIST-CVE-2015-6636" ] ], "Discovered_on": [], "Discovered_by": [], "Submission": [ { "by": "dcc52", "on": "2019-07-29" } ], "Reported_on": [ [ "2016-01-01", "Bulletin-CVE-2015-6636" ] ], "Fixed_on": [ [ "2015-10-27", "ANDROID-25070493" ] ], "Fix_released_on": [], "Affected_versions": [ [ "5.0, 5.1.1, 6.0, 6.0.1", "Bulletin-CVE-2015-6636" ] ], "Affected_devices": [], "Affected_versions_regexp": [ "(5\\.0\\.[0-9])|(5\\.1\\.1)|(6\\.0\\.[0-9])|(6\\.0\\.1)" ], "Affected_manufacturers": [ [ "all", "Bulletin-CVE-2015-6636" ] ], "Fixed_versions": [ [ "5.0, 5.1.1, 6.0, 6.0.1", "Bulletin-CVE-2015-6636" ] ], "Fixed_versions_regexp": [ "(5\\.0\\.[0-9])|(5\\.1\\.1)|(6\\.0\\.[0-9])|(6\\.0\\.1)" ], "references": { "ANDROID-25070493": { "url": "https://android.googlesource.com/platform%2Fexternal%2Flibhevc/+/b9f7c2c45c6fe770b7daffb9a4e61522d1f12d51" }, "ANDROID-24686670": { "url": "https://android.googlesource.com/platform%2Fexternal%2Flibhevc/+/e8bfec1fa41eafa1fd8e05d0fdc53ea0f2379518" }, "NIST-CVE-2015-6636": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2015-6636": { "url": "https://source.android.com/security/bulletin/2016-01-01.html" } }, "Surface": [ "remote" ], "Vector": [ "memory-corruption" ], "Target": [ "system-component" ], "Channel": [ "remote" ], "Condition": [ "malicious-file-viewed" ], "Privilege": [ "system" ], "CWE": [ [ "CWE-119", "NIST-CVE-2015-6636" ] ] }