风险等级: 緊急
  CVE标识符: : CVE-2015-3842
  建议日期 : 2015年8月17日

  描述

This vulnerability assigned with CVE-2015-3842, affects the AudioEffect component found in the mediaserver program. Attackers can run arbitrary code on the device when successfully exploited thus compromising its security. However, attackers need to convince users first to install a malicious app that doesn't require any permission.The said vulnerability affects Android versions 2.3 to 5.1.1.

Trend Micro researcher Wish Wu disclosed details about this vulnerability to Google. The said company acknowledged Wu’s research contribution.