Search for vulnerabilities
Vulnerability details: VCID-qp1g-thfe-aaar
Vulnerability ID VCID-qp1g-thfe-aaar
Aliases CVE-2016-0826
Summary libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403.
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0826.html
generic_textual Medium https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0
generic_textual Medium https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00106 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00134 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2016-0826
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0826
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2016-0826
cvssv3 7.8 https://nvd.nist.gov/vuln/detail/CVE-2016-0826
generic_textual High http://source.android.com/security/bulletin/2016-03-01.html
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0826.html
https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0
https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122
https://api.first.org/data/v1/epss?cve=CVE-2016-0826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0826
http://source.android.com/security/bulletin/2016-03-01.html
http://www.securityfocus.com/bid/84268
cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
CVE-2016-0826 https://nvd.nist.gov/vuln/detail/CVE-2016-0826
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0826
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0826
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.44077
EPSS Score 0.00106
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.