{ "name": "CVE-2015-3873", "CVE": [ [ "CVE-2015-3873", "Bulletin-CVE-2015-3873" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Remote Code Execution Vulnerabilities in libstagefright" ], "Details": [ [ "libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23016072, 23248776, 23247055, 22845824, 22008959, 21814993, 21048776, 20718524, 20674674, 22388975, 20674086, 21443020, and 22077698, a different vulnerability than CVE-2015-7716.", "NIST-CVE-2015-3873" ] ], "Discovered_on": [], "Discovered_by": [], "Submission": [ { "by": "dcc52", "on": "2019-07-29" } ], "Reported_on": [ [ "2015-10-01", "Bulletin-CVE-2015-3873" ] ], "Fixed_on": [ [ "2015-08-18", "ANDROID-23247055" ] ], "Fix_released_on": [], "Affected_versions": [ [ "5.1 and below, 5.0 and 5.1", "Bulletin-CVE-2015-3873" ] ], "Affected_devices": [], "Affected_versions_regexp": [ "([1-4]\\.[0-9]\\.[0-9])|(5\\.[0-1]\\.[0-9])" ], "Affected_manufacturers": [ [ "all", "Bulletin-CVE-2015-3873" ] ], "Fixed_versions": [], "Fixed_versions_regexp": [ "" ], "references": { "ANDROID-20674086": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/c23e3dd8af7397f023aae040c4a03dd14091cbed" }, "2": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/65842db06c2d77e53cc5ac61692160d844cc7d0a" }, "3": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/38eff9af5c032bf12f89d6e94df05f65eef51afc" }, "4": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/91860b89488b3ee4644c539e89e657fbb79fb6ad" }, ",": {}, "ANDROID-20674674": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3fd96683850cf27648e036180acb149fac362242" }, "ANDROID-20718524": { "url": "https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/2e941e40ce76eb13b273479a4ee8fb6e40d33795" }, "ANDROID-21048776": { "url": "https://android.googlesource.com/platform%2Fexternal%2Ftremolo/+/06ca06ac6107f88530cc67225c47537621bb41a5" }, "ANDROID-21443020": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dc5e47f013bfbb74c5c35ad976aa98d480cb351b" }, "ANDROID-21814993": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f11e95b21007f24e5ab77298370855f9f085b2d7" }, "ANDROID-22008959": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/f810a8298aea13fa177060cdc10c8297eac69c49" }, "ANDROID-22077698": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/7913508110c80da87fb085514208adbd874d7d54" }, "ANDROID-22388975": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/073e4f6748f5d7deb095c42fad9271cb99e22d07" }, "ANDROID-22845824": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/bf47eb9c67ed364f3c288954857aab9d9311db4c" }, "ANDROID-23016072": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/b158a9a5bcfe21480f57bc58d45517f1a81cca39" }, "ANDROID-23247055": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5a132594b531f1f48098a790927f82080cc27f61" }, "ANDROID-23248776": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/d2ebc0b9e147f9406db20ec4df61da50e3614ee4" }, "ANDROID-20721050": { "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/3179e3b3531b5fe93dc7f5b2c378e27010a406d5" }, "NIST-CVE-2015-3873": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2015-3873": { "url": "https://source.android.com/security/bulletin/2015-10-01.html" } }, "Surface": [ "remote" ], "Vector": [ "memory-corruption" ], "Target": [ "system-component" ], "Channel": [ "remote" ], "Condition": [ "malicious-file-viewed" ], "Privilege": [ "system" ], "CWE": [ [ "CWE-119", "NIST-CVE-2015-3873" ] ] }