CVE-2015-3832

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ", "name": "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", "tags": ["Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b", "name": "https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-3832", "ASSIGNER": "security@android.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-10-01T00:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2015-10-01T16:46Z"}