Update Aug 28, 2015: Typos in the final table: CVE-2015-3864 does not concern covr but tx3g. CVE-2015-3828 does not occur for yrrc. Detecting the PoCs published by Zimperium is not difficult: you can fingerprint the PoCs, for example. Detecting variants of the PoCs, i.e., MP4s that use one of the discovered vulnerabilities, is far more difficult. I'll explain why in a moment. First, apart from here (in Chinese), there hasn't been so much in the way of technical details. Getting into the guts of StageFright... [Read More]
by RSS Axelle Apvrille  |  Aug 25, 2015  |  Filed in: Security Research