Deep Analysis of CVE-2016-3820 - Remote Code Execution Vulnerability in Android Mediaserver

August 18, 2016

Google patched some Android security vulnerabilities in early August. One of them was a remote code execution vulnerability in Mediaserver (CVE-2016-3820), which was discovered by me. This vulnerability could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue was rated as Critical by Google due to the possibility of remote code execution within the context of the Mediaserver process. The Mediaserver process has access to audio and video streams, as well as access to privileges...

Read more...

Previous Article
Looking Back at our 2016 Predictions
Looking Back at our 2016 Predictions

Last year, Fortinet’s FortiGuard Labs team made a series of predictions about cyberthreats in 2016. We are ...

Next Article
Q&A with Andy Travers on the Unique Security Requirements of Government Agencies 
Q&A with Andy Travers on the Unique Security Requirements of Government Agencies 

The Government of Canada selected Fortinet to secure its IT infrastructure. Fortinet's Andy Travers shares ...