Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation, aka internal bug 27855419.
2016-06-13T01:59:02.340
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 8.4 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | android | 4.0 | Yes | |
| Operating System | android | 4.0.1 | Yes | |
| Operating System | android | 4.0.2 | Yes | |
| Operating System | android | 4.0.3 | Yes | |
| Operating System | android | 4.0.4 | Yes | |
| Operating System | android | 4.1 | Yes | |
| Operating System | android | 4.1.2 | Yes | |
| Operating System | android | 4.2 | Yes | |
| Operating System | android | 4.2.1 | Yes | |
| Operating System | android | 4.2.2 | Yes | |
| Operating System | android | 4.3 | Yes | |
| Operating System | android | 4.3.1 | Yes | |
| Operating System | android | 4.4 | Yes | |
| Operating System | android | 4.4.1 | Yes | |
| Operating System | android | 4.4.2 | Yes | |
| Operating System | android | 4.4.3 | Yes | |
| Operating System | android | 5.0 | Yes | |
| Operating System | android | 5.0.1 | Yes | |
| Operating System | android | 5.1 | Yes | |
| Operating System | android | 5.1.0 | Yes | |
| Operating System | android | 6.0 | Yes | |
| Operating System | android | 6.0.1 | Yes |