← Retour aux CVEs
CVE-2016-6720
N/ADescription
An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Android ID: A-29422020.
Details CVE
Score CVSS v3.1N/A
Publie12/13/2016
Derniere modification5/6/2026
Sourcenvd
Observations honeypot0
Produits affectes
google:android
Faiblesses (CWE)
CWE-200
References
http://www.securityfocus.com/bid/94143(security@android.com)
https://android.googlesource.com/platform/frameworks/av/+/0f177948ae2640bfe4d70f8e4248e106406b3b0a(security@android.com)
https://android.googlesource.com/platform/frameworks/av/+/2c75e1c3b98e4e94f50c63e2b7694be5f948477c(security@android.com)
https://android.googlesource.com/platform/frameworks/av/+/640b04121d7cd2cac90e2f7c82b97fce05f074a5(security@android.com)
https://android.googlesource.com/platform/frameworks/av/+/7c88b498fda1c2b608a9dd73960a2fd4d7b7e3f7(security@android.com)
https://source.android.com/security/bulletin/2016-11-01.html(security@android.com)
http://www.securityfocus.com/bid/94143(af854a3a-2127-422b-91ae-364da2661108)
https://android.googlesource.com/platform/frameworks/av/+/0f177948ae2640bfe4d70f8e4248e106406b3b0a(af854a3a-2127-422b-91ae-364da2661108)
https://android.googlesource.com/platform/frameworks/av/+/2c75e1c3b98e4e94f50c63e2b7694be5f948477c(af854a3a-2127-422b-91ae-364da2661108)
https://android.googlesource.com/platform/frameworks/av/+/640b04121d7cd2cac90e2f7c82b97fce05f074a5(af854a3a-2127-422b-91ae-364da2661108)
https://android.googlesource.com/platform/frameworks/av/+/7c88b498fda1c2b608a9dd73960a2fd4d7b7e3f7(af854a3a-2127-422b-91ae-364da2661108)
https://source.android.com/security/bulletin/2016-11-01.html(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.