Lucene search
Mozilla FoundationMFSA2015-31HistoryMar 31, 2015 - 12:00 a.m.
Use-after-free when using the Fluendo MP3 GStreamer plugin — Mozilla
2015-03-3100:00:00
Mozilla Foundation
www.mozilla.org
14
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.4%
Security researcher Aki Helin reported a use-after-free when playing certain MP3 format audio files on the web using the Fluendo MP3 plugin for GStreamer on Linux. This is due to a flaw in handling certain MP3 files by the plugin and its interaction with Mozilla code. This can lead to a potentially exploitable crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 37 | |
| firefox esr | lt | 31.6 | |
| seamonkey | lt | 2.35 | |
| thunderbird | lt | 31.6 |
Related
prion
prion
Design/Logic Flaw
2015-04-01 10:59:00
ubuntucve
ubuntucve
CVE-2015-0813
2015-04-01 00:00:00
cve
cve
CVE-2015-0813
2015-04-01 10:59:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-31) - Linux
2021-11-11 00:00:00
Debian Security Advisory DSA 3211-1 (iceweasel - security update)
2015-04-01 00:00:00
CentOS Update for firefox CESA-2015:0766 centos7
2015-04-02 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:12:58
Denial Of Service (DoS)
2019-05-02 05:12:58
Cross-Site Request Forgery (CSRF)
2019-05-02 05:12:57
nessus
nessus
Debian DSA-3212-1 : icedove - security update
2015-04-03 00:00:00
CentOS 5 / 7 : thunderbird (CESA-2015:0771)
2015-04-02 00:00:00
Oracle Linux 6 / 7 : thunderbird (ELSA-2015-0771)
2015-04-02 00:00:00
archlinux
archlinux
thunderbird: multiple issues
2015-04-04 00:00:00
firefox: multiple issues
2015-04-01 00:00:00
oraclelinux
oraclelinux
firefox security update
2015-04-01 00:00:00
thunderbird security update
2015-04-01 00:00:00
redhat
redhat
(RHSA-2015:0766) Critical: firefox security update
2015-03-31 00:00:00
(RHSA-2015:0771) Important: thunderbird security update
2015-04-01 00:00:00
debian
debian
[SECURITY] [DSA 3211-1] iceweasel security update
2015-04-01 16:10:19
[SECURITY] [DSA 3212-1] icedove security update
2015-04-02 20:36:41
[SECURITY] [DSA 3211-1] iceweasel security update
2015-04-01 16:10:41
centos
centos
thunderbird security update
2015-04-01 14:33:26
firefox, xulrunner security update
2015-03-31 23:44:15
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-04-02 00:00:00
Firefox vulnerabilities
2015-04-01 00:00:00
mageia
mageia
Updated firefox & thunderbird packages fix security vulnerabilities
2015-04-03 16:11:23
Updated iceape packages fix security vulnerabilities
2015-09-08 10:20:40
suse
suse
Security update for MozillaFirefox (important)
2015-04-10 17:04:55
Security update for MozillaFirefox (important)
2015-04-10 18:04:46
Update to Firefox 31.7.0esr (important)
2015-05-18 13:04:51
kaspersky
kaspersky
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-03-31 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-04-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-12-30 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.4%
Related for MFSA2015-31