Heap overflow

2015-08-1601:59:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

Low

0.323 Low

EPSS

Percentile

97.0%

JSON

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ubuntu_linuxeq14.04
ubuntu_linuxeq15.04
firefoxle39.0.3
firefox_esreq38.0
firefox_esreq38.1.0
firefox_esreq38.0.5
firefox_esreq38.0.1
opensuseeq13.1
opensuseeq13.2

Name	Operator	Version
ubuntu_linux	eq	12.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	15.04
firefox	le	39.0.3
firefox_esr	eq	38.0
firefox_esr	eq	38.1.0
firefox_esr	eq	38.0.5
firefox_esr	eq	38.0.1
opensuse	eq	13.1
opensuse	eq	13.2