CVE-2015-1474

NONECVSS 0.0

0.0

Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.

🔗 References (12)

cve@mitrehttp://packetstormsecurity.com/files/130778/Google-Android-Integer-Oveflow-Heap-Corruption.html
cve@mitrehttp://seclists.org/fulldisclosure/2015/Mar/63
cve@mitrehttp://www.securityfocus.com/bid/72788
cve@mitrehttp://www.securitytracker.com/id/1031875
cve@mitrehttps://android.googlesource.com/platform/frameworks/native/+/38803268570f90e97452cd9a30ac831661829091
cve@mitrehttps://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/130778/Google-Android-Integer-Oveflow-Heap-Corruption.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Mar/63
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72788
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031875
af854a3a-2127-422b-91ae-364da2661108https://android.googlesource.com/platform/frameworks/native/+/38803268570f90e97452cd9a30ac831661829091
af854a3a-2127-422b-91ae-364da2661108https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf

Is Your Infrastructure Affected by CVE-2015-1474?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-1474

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-1474?