Lucene search

K

MozillaCVELIST:CVE-2015-4493

HistoryAug 16, 2015 - 1:00 a.m.

CVE-2015-4493

2015-08-1601:00:00

mozilla

www.cve.org

9.9 High

AI Score

Confidence

High

0.323 Low

EPSS

Percentile

97.0%

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.

References

lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html

lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

lists.opensuse.org/opensuse-updates/2015-08/msg00030.html

lists.opensuse.org/opensuse-updates/2015-08/msg00031.html

rhn.redhat.com/errata/RHSA-2015-1586.html

www.debian.org/security/2015/dsa-3333

www.mozilla.org/security/announce/2015/mfsa2015-83.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securitytracker.com/id/1033247

www.ubuntu.com/usn/USN-2702-1

www.ubuntu.com/usn/USN-2702-2

www.ubuntu.com/usn/USN-2702-3

bugzilla.mozilla.org/show_bug.cgi?id=1186718

hg.mozilla.org/mozilla-central/rev/a674c7019cb5

security.gentoo.org/glsa/201605-06

9.9 High

AI Score

Confidence

High

0.323 Low

EPSS

Percentile

97.0%

Related for CVELIST:CVE-2015-4493