Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted XMF data, aka internal bug 21132860.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Sonivox DLS-to-EAS转换器组件数字错误漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。Sonivox DLS-to-EAS是其中的一个声音转换器组件。 Android 5.1及之前版本的Sonivox DLS-to-EAS转换器组件中的arm-wt-22k/lib_src/eas_mdls.c文件中的‘Parse_wave’函数存在安全漏洞,该漏洞源于程序没有限制‘size’字段使用负值。
CVSS Information
N/A
Vulnerability Type
N/A