CVE-2016-3861
published 2016-09-11CVE-2016-3861: LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between…
PriorityP351high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
11.17%
95.4th percentile
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | android-platform-system-core | < android-platform-system-core 1:7.0.0+r1-4 (bullseye) | android-platform-system-core 1:7.0.0+r1-4 (bullseye) |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-42m2-m4h3-qr94: LibUtils in Android 4
ghsa_unreviewed·2022-05-17
CVE-2016-3861 [HIGH] CWE-119 GHSA-42m2-m4h3-qr94: LibUtils in Android 4
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
OSV
CVE-2016-3861: LibUtils in Android 4
osv·2016-09-11·CVSS 7.8
CVE-2016-3861 [HIGH] CVE-2016-3861: LibUtils in Android 4
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
Android
CVE-2016-3861: Android Security Bulletin 2016-09-01
CVE: CVE-2016-3861
Severity: CRITICAL
Affected AOSP versions: 4
vendor_android·2016-09-01·CVSS 7.8
CVE-2016-3861 [HIGH] CVE-2016-3861: Android Security Bulletin 2016-09-01
CVE: CVE-2016-3861
Severity: CRITICAL
Affected AOSP versions: 4
Android Security Bulletin 2016-09-01
CVE: CVE-2016-3861
Severity: CRITICAL
Affected AOSP versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0
References: A-29250543
[2]
[3]
[4]
Debian
CVE-2016-3861: android-platform-system-core - LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6....
vendor_debian·2016·CVSS 7.8
CVE-2016-3861 [HIGH] CVE-2016-3861: android-platform-system-core - LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6....
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
Scope: local
bullseye: resolved (fixed in 1:7.0.0+r1-4)
Suricata
ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) Set
suricata·2016-09-12
CVE-2016-3861 ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) Set
ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) Set
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) Set"; flow:established,to_client; flowbits:set,ET.MP4Stagefright; flowbits:noalert; file.data; content:"ftyp"; fast_pattern; offset:4; depth:4; content:"|00|"; distance:5; within:1; reference:cve,2016-3861; reference:url,googleprojectzero.blogspot.com.br/2016/09/return-to-libstagefright-exploiting.html; classtype:attempted-user; sid:2023184; rev:4; metadata:created_at 2016_09_12, cve CVE_2016_3861, confidence Medium, signature_severity Major, tag Android_Exploit, updated_at 2024_03_14;)
Suricata
ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) ROP
suricata·2016-09-12
CVE-2016-3861 ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) ROP
ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) ROP
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) ROP"; flow:established,to_client; flowbits:isset,ET.MP4Stagefright; file.data; content:"ID3"; content:!"|FF|"; within:1; content:"|41 d8 41 d8 41 dc 41 d8 41 d8 41 dc|"; fast_pattern; within:800; pcre:"/^(\x41\xd8\x41\xd8\x41\xdc){2,}\x41\x00/R"; reference:cve,2016-3861; reference:url,googleprojectzero.blogspot.com.br/2016/09/return-to-libstagefright-exploiting.html; classtype:attempted-user; sid:2023185; rev:5; metadata:affected_product Android, attack_target Client_Endpoint, created_at 2016_09_12, cve CVE_2016_3861, deployment Perimeter, performance_impact Low, confidence Medium, signature_severity Major, ta
No writeups or analysis indexed.
http://source.android.com/security/bulletin/2016-09-01.htmlhttp://www.securityfocus.com/bid/92811http://www.securitytracker.com/id/1036763https://android.googlesource.com/platform/frameworks/av/+/3944c65637dfed14a5a895685edfa4bacaf9f76ehttps://android.googlesource.com/platform/frameworks/base/+/866dc26ad4a98cc835d075b627326e7d7e52ffa1https://android.googlesource.com/platform/frameworks/native/+/1f4b49e64adf4623eefda503bca61e253597b9bfhttps://android.googlesource.com/platform/system/core/+/ecf5fd58a8f50362ce9e8d4245a33d56f29f142bhttps://www.exploit-db.com/exploits/40354/http://source.android.com/security/bulletin/2016-09-01.htmlhttp://www.securityfocus.com/bid/92811http://www.securitytracker.com/id/1036763https://android.googlesource.com/platform/frameworks/av/+/3944c65637dfed14a5a895685edfa4bacaf9f76ehttps://android.googlesource.com/platform/frameworks/base/+/866dc26ad4a98cc835d075b627326e7d7e52ffa1https://android.googlesource.com/platform/frameworks/native/+/1f4b49e64adf4623eefda503bca61e253597b9bfhttps://android.googlesource.com/platform/system/core/+/ecf5fd58a8f50362ce9e8d4245a33d56f29f142bhttps://www.exploit-db.com/exploits/40354/
2016-09-11
Published