CVE-2015-3832

Android < 5.1 - Remote Code Execution via MP4 NAL Unit Size Handling

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.

Scores

EPSS 0.0288
EPSS Percentile 85.2%

Details

CWE
CWE-119
Status published
Products (1)
google/android < 5.1
Published Oct 01, 2015
Tracked Since Feb 18, 2026