CVE-2015-7894

The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process crash) and execute arbitrary code via a crafted JPG.
References
Link Resource
https://www.exploit-db.com/exploits/38614/ Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/77423 Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/134197/Samsung-LibQjpeg-Image-Decoding-Memory-Corruption.html Broken Link Third Party Advisory VDB Entry
https://bugs.chromium.org/p/project-zero/issues/detail?id=495&redir=1 Issue Tracking Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:galaxy_s6_edge_firmware:lrx22g.g925vvru1aoe2:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*

Information

Published : 2017-08-09 11:29

Updated : 2017-08-24 09:20


NVD link : CVE-2015-7894

Mitre link : CVE-2015-7894


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

samsung

  • galaxy_s6_edge_firmware
  • galaxy_s6_edge