CVE-2015-3829
published 2015-10-01CVE-2015-3829: Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to…
PriorityP262critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
89.78%
99.8th percentile
Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted MPEG-4 covr atoms with a size equal to SIZE_MAX, aka internal bug 20923261.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | <= 5.1 | — | |
| android | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for crafted MPEG-4 files containing 'covr' atoms with a size value equal to SIZE_MAX, which triggers an off-by-one integer overflow in MPEG4Extractor::parseChunk within libstagefright ↗
- →Vulnerable code path is in MPEG4Extractor.cpp within libstagefright on Android before 5.1.1 LMY48I; monitor for memory corruption or crashes originating from this library when parsing MPEG-4 media files ↗
- ·Vulnerability affects Android 5.0 and above (up to but not including 5.1.1 LMY48I); devices running older Android versions are not affected by this specific CVE ↗
- ·This is rated CRITICAL severity, indicating remote code execution is achievable without user interaction beyond opening a malicious media file ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hg7p-rp3c-x8gr: Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor
ghsa_unreviewed·2022-05-17
CVE-2015-3829 [HIGH] GHSA-hg7p-rp3c-x8gr: Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor
Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted MPEG-4 covr atoms with a size equal to SIZE_MAX, aka internal bug 20923261.
Android
CVE-2015-3829: Android Security Bulletin 2015-08-01
CVE: CVE-2015-3829
Severity: CRITICAL
Affected AOSP versions: 5
vendor_android·2015-08-01·CVSS 10.0
CVE-2015-3829 [CRITICAL] CVE-2015-3829: Android Security Bulletin 2015-08-01
CVE: CVE-2015-3829
Severity: CRITICAL
Affected AOSP versions: 5
Android Security Bulletin 2015-08-01
CVE: CVE-2015-3829
Severity: CRITICAL
Affected AOSP versions: 5.0 and above
No detection rules found.
No public exploits indexed.
Recorded Future
Stagefright Exploits Hit the Web | Recorded Future
blogs_recorded_future·CVSS 10.0
[CRITICAL] Stagefright Exploits Hit the Web | Recorded Future
## Stagefright Exploits Hit the Web
Exploits and proof of concepts (POCs) are appearing on the Web for Stagefright, hyped as the "Mother of all Android vulnerabilities" capable of gaining remote code execution privileges via a malicious MMS (e.g., a picture message). This collection of 10 vulnerabilities reportedly impacts 95% of all Android devices - over 900 million phones.
Recorded Future has identified shared exploits and POCs appearing on the Web 10 days after the July 21 announcement by Zimperium zLabs researcher Joshua Drake.
## Click image for larger view
The first known publicly available POC appeared on Chinese language forum heishou.com.cn on July 31 and was subsequently shared on Twitter and reposted on other forums.
Packaged exploits for use by lower skilled cyber crimina
Recorded Future
Stagefright Exploits Hit the Web
blogs_recorded_future·CVSS 10.0
[CRITICAL] Stagefright Exploits Hit the Web
# Stagefright Exploits Hit the Web
Exploits and proof of concepts (POCs) are appearing on the Web for Stagefright, hyped as the "Mother of all Android vulnerabilities" capable of gaining remote code execution privileges via a malicious MMS (e.g., a picture message). This collection of 10 vulnerabilities reportedly impacts 95% of all Android devices - over 900 million phones.
Recorded Future has identified shared exploits and POCs appearing on the Web 10 days after the July 21 announcement by Zimperium zLabs researcher Joshua Drake.
###### Click image for larger view
The first known publicly available POC appeared on Chinese language forum heishou.com.cn on July 31 and was subsequently shared on Twitter and reposted on other forums.
Packaged exploits for use by lower skilled cyber crim
http://www.huawei.com/en/psirt/security-advisories/hw-448928http://www.securityfocus.com/bid/76052http://www.securitytracker.com/id/1033094http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-448928.htmhttps://android.googlesource.com/platform/frameworks/av/+/2674a7218eaa3c87f2ee26d26da5b9170e10f859https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJhttp://www.huawei.com/en/psirt/security-advisories/hw-448928http://www.securityfocus.com/bid/76052http://www.securitytracker.com/id/1033094http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-448928.htmhttps://android.googlesource.com/platform/frameworks/av/+/2674a7218eaa3c87f2ee26d26da5b9170e10f859https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ
2015-10-01
Published