CVE-2015-3839
MEDIUMAndroid < 5.1.1 - Denial of Service via updateMessageStatus NULL Pointer Dereference
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-3839. PoCs published by Cecilia-newbie.
AI-analyzed exploit summary This PoC demonstrates a DoS vulnerability (CVE-2015-3839) in Android's SMS/MMS handling by sending malformed PDU data via broadcast intent, causing the SMS app to crash. The exploit targets Android versions 4.4.4 and 5.0.1, as confirmed in the README.
Description
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash).
Exploits (1)
This PoC demonstrates a DoS vulnerability (CVE-2015-3839) in Android's SMS/MMS handling by sending malformed PDU data via broadcast intent, causing the SMS app to crash. The exploit targets Android versions 4.4.4 and 5.0.1, as confirmed in the README.
References (4)
Scores
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H