Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-2486

EPSS 0.04% · P13
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-2486

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated memory and the frame size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793371.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Android Mediaserver 提权漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。Mediaserver是其中的一个多媒体服务组件。 Android的Mediaserver中存在提权漏洞。本地攻击者可利用该漏洞以提升的权限执行任意代码。以下版本受到影响:Android 4.4.4之前版本,5.0.2之前版本,5.1.1之前版本,6.0之前版本,6.0.1之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2016-2486

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2016-2486

Please Login to view more intelligence information

Same Patch Batch · n/a · 2016-06-13 · 74 CVEs total

CVE-2016-2472Android Qualcomm Wi-Fi驱动安全漏洞
CVE-2016-2493Android Broadcom Wi-Fi驱动提权漏洞
CVE-2016-2480Android Mediaserver 提权漏洞
CVE-2016-2479Android Mediaserver 提权漏洞
CVE-2016-2478Android Mediaserver 提权漏洞
CVE-2016-2477Android Mediaserver 提权漏洞
CVE-2016-2476Android Mediaserver 提权漏洞
CVE-2016-2475Android Broadcom Wi-Fi驱动提权漏洞
CVE-2016-2474Android Qualcomm Wi-Fi驱动安全漏洞
CVE-2016-2473Android Qualcomm Wi-Fi驱动安全漏洞
CVE-2016-2481Android Mediaserver 提权漏洞
CVE-2016-2471Android Qualcomm Wi-Fi驱动安全漏洞
CVE-2016-2470Android Qualcomm Wi-Fi驱动安全漏洞
CVE-2016-2469Android Qualcomm声音驱动提权漏洞
CVE-2016-2468Android Qualcomm GPU Driver 提权漏洞
CVE-2016-2467Android Qualcomm声音驱动安全漏洞
CVE-2016-2466Android Qualcomm声音驱动安全漏洞
CVE-2016-2465Android Qualcomm Video Driver 本地提权漏洞
CVE-2016-2464Android libwebm 输入验证错误漏洞
CVE-2016-2463Android Mediaserver 远程代码执行漏洞

Showing top 20 of 74 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2016-2486

No comments yet

Leave a comment