CVE-2015-3864

This Metasploit module exploits an integer overflow in Android's Stagefright library (CVE-2015-3864) via a crafted MP4 file delivered through an HTML5 browser. It uses a two-stage information leak to bypass ASLR and achieve remote code execution on vulnerable devices.

This exploit targets CVE-2015-3864, a vulnerability in Android's mediaserver, using heap grooming and ROP chains to achieve arbitrary code execution. It leverages memory corruption via a crafted MP4 file to execute shellcode.

Metaphor is a Python-based exploit generator for CVE-2015-3864, targeting Stagefright in Android 5.0.1 (Nexus 5). It generates MP4 files to bypass ASLR and achieve remote code execution.

This is a Python script that generates a malicious MP4 file exploiting CVE-2015-3864 (Stagefright integer overflow vulnerability) and hosts it via a web server. It includes ROP gadget discovery and shellcode injection capabilities.

This repository contains a README describing binary patches for CVE-2015-3864, a vulnerability in Android's Stagefright library. It does not include exploit code but provides context for mitigating the issue.

This repository contains a README describing the exploitation of CVE-2015-3864, a Stagefright vulnerability in Android versions 2.2 through 5.1.1. It mentions remote code execution and privilege escalation but lacks actual exploit code or technical details.

This PoC generates malformed MP4 files to trigger a buffer overflow in the target software, specifically exploiting CVE-2015-3864. The scripts create MP4 files with crafted metadata to demonstrate the vulnerability.

This Metasploit module exploits an integer overflow vulnerability in Android's Stagefright library (CVE-2015-3864) via a crafted MP4 file delivered through an HTML5 browser. It uses a two-stage information leak to bypass ASLR and construct a ROP chain for remote code execution.