Remote Code Execution and Denial of Service Vulnerability in libvpx in Android 4.x, 5.x, and 6.0

Remote Code Execution and Denial of Service Vulnerability in libvpx in Android 4.x, 5.x, and 6.0

CVE-2016-1621 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792.

Learn more about our Cis Benchmark Audit For Google Android.