CVE-2015-3868

Android < 5.1 - Remote Code Execution via Crafted Media File

Title source: llm
STIX 2.1

Description

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23270724.

References (2)

Core 2

Scores

EPSS 0.0258
EPSS Percentile 83.3%

Details

CWE
CWE-119
Status published
Products (1)
google/android < 5.1
Published Oct 06, 2015
Tracked Since Feb 18, 2026