Lucene search

K
mozillaMozilla FoundationMFSA2015-93
HistoryAug 12, 2015 - 12:00 a.m.

Integer overflows in libstagefright while processing MP4 video metadata — Mozilla

2015-08-1200:00:00
Mozilla Foundation
www.mozilla.org
22

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.3%

Security researcher Joshua Drake reported potential integer overflows in the libstagefright library while processing video sample metadata in MPEG4 video files. This can lead to a potentially exploitable crash.

Affected configurations

Vulners
Node
mozillafirefoxRange<38
OR
mozillaseamonkeyRange<2.35
CPENameOperatorVersion
firefoxlt38
seamonkeylt2.35

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.3%