PT-2015-2611 · Google · Android

Published

2015-11-03

·

Updated

2015-11-03

·

CVE-2015-8074

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Android versions prior to 5.1.1 LMY48X
Description The issue is related to the mediaserver component in Android, which lacks protection for certain data. This allows a remote attacker to bypass an unspecified protection mechanism and obtain sensitive information. The exact vectors used for the attack are not specified.
Recommendations For Android versions prior to 5.1.1 LMY48X, update to version 5.1.1 LMY48X or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data until the update is applied.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2015-11976
CVE-2015-8074

Affected Products

Android