Predobro.
Citiraj:
Meet Stagefright 2.0, a set of two vulnerabilities that manifest when processing specially crafted MP3 audio or MP4 video files. The first vulnerability (in libutils) impacts almost every Android device since version 1.0 released in 2008. We found methods to trigger that vulnerability in devices running version 5.0 and up using the second vulnerability (in libstagefright). Google assigned CVE-2015-6602 to vulnerability in libutils. We plan to share CVE information for the second vulnerability as soon as it is available.
What is the impact of this issue?
Confirmed remote code execution (RCE) impact via libstagefright on Android 5.0 and later.
Older devices may be impacted if the vulnerable function in libutils is used (using third party apps, vendor or carrier functionality pre-loaded to the phone).
What is the vulnerability ?
Processing specially crafted MP3 or MP4 files can lead to arbitrary code execution.
|
https://blog.zimperium.com/zimperium...-mp3mp4-media/
__________________
Ryzen 7 5700G
AsRock B550 Pro4
HyperX Fury DDR4 3000MHz (4 x 16GB)
Kingston A2000 1TB NVMe
Intel 660p 1TB NVMe
Fortron Hexa 400W
Random PC case
Proxmox VE
95% of the world is retarded, I'm glad I am the 10%.
Fujitsu U7311
Intel i5 1135G7
16GB DDR4 3200MHz
SK Hynix P31 Gold 1TB
13.3" FHD IPS
|