Monthly Archives: November 2015
Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption
Samsung Galaxy S6 Android.media.process face recognition memory corruption proof of concept exploit.
Samsung LibQjpeg Image Decoding Memory Corruption
Samsung LibQjpeg suffers from a memory corruption vulnerability in the DCMProvider service when decoding an image.
Samsung Galaxy S6 LibQjpeg DoIntegralUpsample Crash
Samsung Galaxy S6 LibQjpeg memory corruption proof of concept exploit.
Industry 4.0 – the challenges in IT-Security
Time after time we have experienced revolutions in our societies, in the way we work and thus in the Industry. In the past we have been through several Industrial Revolutions and now it’s seems to be the time for another.
The post Industry 4.0 – the challenges in IT-Security appeared first on We Live Security.
Cybersecurity research boost for medical devices
A Texas university is to research cybersecurity solutions to vulnerabilities in medical devices, boosted by a major grant from the National Science Foundation.
The post Cybersecurity research boost for medical devices appeared first on We Live Security.
CVE-2015-6608 (android)
mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 19779574, 23680780, 23876444, and 23658148, a different vulnerability than CVE-2015-8072 and CVE-2015-8073.
CVE-2015-6609 (android)
libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, aka internal bug 22953624.
CVE-2015-6610 (android)
libstagefright in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka internal bug 23707088.
CVE-2015-6611 (android)
mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, aka internal bugs 23905951, 23912202, 23953967, 23696300, 23600291, 23756261, 23541506, 23284974, 23542351, and 23542352, a different vulnerability than CVE-2015-8074.