cvedb.io
CVE-2015-6783
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-12-06T01:59:20.527 · Last modified 2026-06-17T00:31:25.710

Summary

The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive.

Affected products

google — android

Does this affect you?

Add your gear to cvedb and we'll alert you only when google ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.