cbcvebase.
CVE-2015-1539
published 2015-10-01

CVE-2015-1539: Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to…

PriorityP262critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
85.79%
99.7th percentile
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493.

Affected

14 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
googleandroid<= 5.1
googleandroid
mozillafirefox<= 39.0.3
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox>= 0 < 40.0+build4-0ubuntu0.14.04.140.0+build4-0ubuntu0.14.04.1
opensuseopensuse
opensuseopensuse
oraclesolaris

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability resides in the ESDS::parseESDescriptor function in ESDS.cpp within libstagefright; monitor for exploitation attempts targeting MPEG-4/MP4 media parsing, specifically malformed ESDS atoms triggering integer underflows.
  • Trigger condition is an invalid size field in an esds chunk within MPEG-4 video data; inspect MP4 files or streams for malformed esds chunk size fields as a detection signal.
  • Affected Android versions are 5.1 and below (pre-5.1.1 LMY48I); prioritize detection and patching on devices running these OS versions.
  • ·This vulnerability is related to CVE-2015-4493 and both share the same root cause in libstagefright's ESDS parsing; detections should cover both CVEs when monitoring for stagefright exploitation.

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.