Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Stagefright 数字错误漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。libstagefright是其中的一个硬解码支持库。 Android 5.1及之前版本的libstagefright中的ESDS.cpp文件中的‘ESDS::parseESDescriptor’函数存在整数溢出漏洞。远程攻击者可借助特制的ESDS元素利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A