vulnerability

Google Android Vulnerability: CVE-2016-0804

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
2016-02-06
Added
2016-04-18
Modified
2017-10-30

Description

The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25070434.

Solution

google-android-upgrade-latest
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.