Last summer, it was nearly impossible to avoid the news about the Stagefright vulnerability. At the time of its unveiling, security researchers believed Stagefright to be the worst Android vulnerability to be discovered. Nearly a year after its discovery, Metaphor is the most recent embodiment of the vulnerability to rear its ugly head.
Essentially, Metaphor targets the same Android library (libstagefright) as the original Stagefright vulnerability, but the team from NorthBit exploited it with a different method. Their implementation combines exploitation of CVE-2015-3864 with a bypass of Address Space Layout Randomisation (ASLR). ASLR is a mitigation that randomises where code and data are placed in a process's memory, so that an attacker cannot predict the addresses needed for shellcode to execute successfully.