Lucene search
Mozilla FoundationMFSA2015-89HistoryAug 11, 2015 - 12:00 a.m.
Buffer overflows on Libvpx when decoding WebM video — Mozilla
2015-08-1100:00:00
Mozilla Foundation
www.mozilla.org
23
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
88.3%
Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover two buffer overflow issues in the Libvpx library used for WebM video when decoding a malformed WebM video file. These buffer overflows result in potentially exploitable crashes.
Affected configurations
Node
mozillafirefoxRange<40
ORmozillafirefox_esrRange<38.2
ORmozillafirefox_osRange<2.5
ORmozillaseamonkeyRange<2.35
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 40 | |
| firefox esr | lt | 38.2 | |
| firefox os | lt | 2.5 | |
| seamonkey | lt | 2.35 |
Related
nessus
nessus
FreeBSD : libvpx -- multiple buffer overflows (34e60332-2448-4ed6-93f0-12713749f250)
2015-08-12 00:00:00
Firefox ESR < 38.2 Multiple Vulnerabilities (Mac OS X)
2015-08-13 00:00:00
CentOS 5 / 6 / 7 : firefox (CESA-2015:1586)
2015-08-12 00:00:00
freebsd
freebsd
libvpx -- multiple buffer overflows
2015-08-11 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-89) - Linux
2021-11-11 00:00:00
Ubuntu: Security Advisory (USN-2702-2)
2015-08-12 00:00:00
Ubuntu: Security Advisory (USN-2702-3)
2015-08-21 00:00:00
debiancve
debiancve
CVE-2015-4486
2015-08-16 01:59:14
CVE-2015-4485
2015-08-16 01:59:13
cve
cve
CVE-2015-4485
2015-08-16 01:59:13
CVE-2015-4486
2015-08-16 01:59:14
cvelist
cvelist
CVE-2015-4485
2015-08-16 01:00:00
CVE-2015-4486
2015-08-16 01:00:00
nvd
nvd
CVE-2015-4485
2015-08-16 01:59:13
CVE-2015-4486
2015-08-16 01:59:14
prion
prion
Heap overflow
2015-08-16 01:59:00
Out-of-bounds
2015-08-16 01:59:00
ubuntucve
ubuntucve
CVE-2015-4486
2015-08-11 00:00:00
CVE-2015-4485
2015-08-11 00:00:00
oraclelinux
oraclelinux
firefox security update
2015-08-11 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-10 17:10:07
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-02 12:10:07
Security update for MozillaFirefox (important)
2015-08-14 19:09:37
centos
centos
firefox security update
2015-08-11 20:36:44
mageia
mageia
Updated firefox packages fixes security vulnerabilities
2015-08-11 23:22:53
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:42:03
Arbitrary Code Execution
2019-05-02 05:41:48
Arbitrary Code Execution
2019-05-02 05:41:47
redhat
redhat
(RHSA-2015:1586) Critical: firefox security update
2015-08-11 00:00:00
ubuntu
ubuntu
Ubufox update
2015-08-11 00:00:00
Firefox vulnerabilities
2015-08-11 00:00:00
Firefox regression
2015-08-20 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-08-12 00:00:00
kaspersky
kaspersky
KLA10643 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2015-08-11 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:30:13
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox in IBM Storwize V7000 Unified
2018-06-18 00:09:54
Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS
2018-06-18 00:09:55
securityvulns
securityvulns
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
88.3%
Related for MFSA2015-89