e2openplugin OpenWebif saveConfig remote code execution
| CENSUS ID: | CENSUS-2017-0001 |
| CVE ID: | CVE-2017-9807 |
| Affected Products: | e2openplugin OpenWebif (versions 0.2.9-1.2.4) |
| Class: | Improper control of generation of code ('Code Injection') (CWE-94) |
| Discovered by: | John Torakis |
OpenWebif is a Web application that is used in IP TVs and media boxes to provide an easy-to-use Web Interface. It is written mostly in Python (Backend) and JavaScript (Frontend). It can be found in DreamBox devices.
Android stagefright impeg2d_vld_decode stack buffer overflows
| CENSUS ID: | CENSUS-2016-0006 |
| CVE ID: | CVE-2016-0836 |
| Android ID: | 25812590 |
| Affected Products: | Android OS 6.0 — 6.0.1 |
| Class: | Out-of-bounds Write (CWE-787) |
| Discovered by: | Anestis Bechtsoudis |
Android provides a media playback engine at the native level called Stagefright that comes built-in with software-based codecs for several popular media formats. Stagefright features for audio and video playback include integration with OpenMAX codecs, session management, time-synchronized rendering, transport control, and DRM.
Android stagefright impeg2d_dec_pic_data_thread integer overflow
| CENSUS ID: | CENSUS-2016-0005 |
| CVE ID: | CVE-2016-0835 |
| Android ID: | 26070014 |
| Affected Products: | Android OS 6.0 — 6.0.1 |
| Class: | Integer Overflow (CWE-190) / Underflow (CWE-191) |
| Discovered by: | Anestis Bechtsoudis |
Android provides a media playback engine at the native level called Stagefright that comes built-in with software-based codecs for several popular media formats. Stagefright features for audio and video playback include integration with OpenMAX codecs, session management, time-synchronized rendering, transport control, and DRM.
Android stagefright ih264d_read_mmco_commands libavc heap overflow
| CENSUS ID: | CENSUS-2016-0004 |
| CVE ID: | CVE-2016-0842 |
| Android ID: | 25818142 |
| Affected Products: | Android OS 6.0 — 6.0.1 |
| Class: | Out-of-bounds Write (CWE-787) |
| Discovered by: | Anestis Bechtsoudis |
Android provides a media playback engine at the native level called Stagefright that comes built-in with software-based codecs for several popular media formats. Stagefright features for audio and video playback include integration with OpenMAX codecs, session management, time-synchronized rendering, transport control, and DRM.