CVE-2015-1474

Severity Level: High
AppRisk Coverage: Yes
Type: Vulnerability
OWASP: M4: Unintended Data Leakage
Aliases:
Platform: Android
File size (bytes): N/A
Filename: N/A
App title: N/A
MD5 Hash: N/A
SHA1 hash: N/A
Affected CVE:

• CVE-2015-1474

Details or analysis:

This is a denial of service vulnerability. The vulnerability is caused by multiple integer overflows in the “GraphicBuffer::unflatten” function in “platform/frameworks/native/libs/ui/GraphicBuffer.cpp“, affecting Android OS versions through 5.0.

Successful exploitation of the vulnerability could allow an attacker to gain privileges or cause a denial of service.

Reference:

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1474
• http://www.cvedetails.com/cve/2015-1474