CVE-2015-7897

The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.
Configurations

Configuration 1 (hide)

cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:37

Type Values Removed Values Added
References () http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html - Vendor Advisory () http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html - Vendor Advisory
References () http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html - () http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html -
References () https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung - () https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung -
References () https://www.exploit-db.com/exploits/38611/ - () https://www.exploit-db.com/exploits/38611/ -

Information

Published : 2015-11-16 19:59

Updated : 2024-11-21 02:37


NVD link : CVE-2015-7897

Mitre link : CVE-2015-7897

CVE.ORG link : CVE-2015-7897


JSON object : View

Products Affected

samsung

  • galaxy_s6
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer