K3Vinlusec

**Name of the Vulnerable Software and Affected Versions** Windows Media (affected versions not specified) **Description** A heap-based buffer overflow exists in Windows Media that could allow an unauthorized attacker to execute code locally. Remote attackers may be able to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-08-01 **Description** The issue is related to the ih264d decoder in the mediaserver of Android, which mishandles slice numbers. This allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file. **Recommendations** For Android versions prior to 2016-08-01, update the operating system to a version released after 2016-08-01 to resolve the issue. As a temporary workaround, consider avoiding the use of crafted media files that could exploit the vulnerability in the ih264d decoder.