CVE-2015-3874

Android < 5.1.1 - Remote Code Execution via Crafted Media File

Title source: llm
STIX 2.1

Description

The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323.

References (1)

Core 1
Core References

Scores

EPSS 0.0184
EPSS Percentile 76.4%

Details

CWE
CWE-119
Status published
Products (1)
google/android < 5.1
Published Oct 06, 2015
Tracked Since Feb 18, 2026