![]() ![]() ![]() Since the primary attack vector of MMS has been removed in newer versions of Google's Hangouts and Messenger apps, the likely attack vector would be via the Web browser". The company further shares, "the vulnerability lies in the processing of metadata within the files, so merely previewing the song or video would trigger the issue. We plan to share CVE information for the second vulnerability as soon as it is available", says Zimperium Mobile Labs. Google assigned CVE-2015-6602 to vulnerability in libutils. We found methods to trigger that vulnerability in devices running version 5.0 and up using the second vulnerability (in libstagefright). The first vulnerability (in libutils) impacts almost every Android device since version 1.0 released in 2008. "Meet Stagefright 2.0, a set of two vulnerabilities that manifest when processing specially crafted MP3 audio or MP4 video files.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |