CVE-2015-3832: Buffer Overflow
First published: Thu Oct 01 2015(Updated: )
Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | <=5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-3832?
CVE-2015-3832 is considered critical as it allows remote code execution through buffer overflows.
How do I fix CVE-2015-3832?
To fix CVE-2015-3832, update your Android device to version 5.1.1 LMY48I or later.
What software is affected by CVE-2015-3832?
CVE-2015-3832 affects Android versions prior to 5.1.1 LMY48I.
Can CVE-2015-3832 be exploited remotely?
Yes, CVE-2015-3832 can be exploited remotely through specially crafted MP4 files.
What impact does CVE-2015-3832 have on mobile security?
CVE-2015-3832 exposes Android devices to potential unauthorized access and control, compromising user data and privacy.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- vendor/google
- canonical/android
- version/android/5.1