PT-2016-5713 · Google · Libvpx+1
Vignesh Venkatasubramanian
·
Publicado
2016-09-11
·
Atualizado
2017-08-13
·
CVE-2016-3881
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
libvpx versions prior to those included in Android 4.4.4, 5.0.2, 5.1.1, and 7.0 (after 2016-09-01)
Description
The issue allows remote attackers to cause a denial of service, resulting in a buffer over-read, and potentially causing the device to hang or reboot, via a crafted media file.
Recommendations
For versions prior to those included in Android 4.4.4, update to Android 4.4.4 or later.
For versions 5.0.x prior to 5.0.2, update to Android 5.0.2 or later.
For versions 5.1.x prior to 5.1.1, update to Android 5.1.1 or later.
For versions 6.x before 2016-09-01, update to a version released after 2016-09-01.
For versions 7.0 before 2016-09-01, update to a version released after 2016-09-01.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Libvpx