Android Mediaserver Vulnerability (CVE-2015-3842)
2016年4月6日
风险等级: 緊急
CVE标识符: : CVE-2015-3842
建议日期 : 2015年8月17日
描述
This vulnerability assigned with CVE-2015-3842, affects the AudioEffect component found in the mediaserver program. Attackers can run arbitrary code on the device when successfully exploited thus compromising its security. However, attackers need to convince users first to install a malicious app that doesn't require any permission.The said vulnerability affects Android versions 2.3 to 5.1.1.
Trend Micro researcher Wish Wu disclosed details about this vulnerability to Google. The said company acknowledged Wu’s research contribution.