CVE-2015-1536

Loading...

General

Score:8.5/10.0
Severity:High
Category:Numeric Error

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 01/10/15 - Updated on 01/10/15

Description

Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or obtain sensitive system_server memory-content information via a crafted application that leverages improper unmarshalling of bitmaps, aka internal bug 19666945.

Category: Numeric Error

CWE-189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.

Security Notices

US National Vulnerability DatabaseCVE-2015-1536

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
googleandroid

Share this vulnerability with:

Twitter Facebook LinkedIn Mail