Vulnerability Name: | CVE-2015-3879 (CCN-109085) | ||||||||||||||||
Assigned: | 2015-10-05 | ||||||||||||||||
Published: | 2015-10-05 | ||||||||||||||||
Updated: | 2015-10-07 | ||||||||||||||||
Summary: | Media Player Framework in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bug 23223325. | ||||||||||||||||
CVSS v3 Severity: | 7.0 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||||||||||
Vulnerability Type: | CWE-264 | ||||||||||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2015-3879 Source: CCN Type: Android Open Source Project Nexus Security Bulletin - October 2015 Source: XF Type: UNKNOWN google-android-cve20153879-priv-esc(109085) Source: MLIST Type: Vendor Advisory [android-security-updates] 20151005 Nexus Security Bulletin (October 2015) Source: CCN Type: WhiteSource Vulnerability Database CVE-2015-3879 | ||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |