Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538.

CPENameOperatorVersion
firefoxle37.0.2
solariseq11.3

CPE	Name	Operator	Version
	firefox	le	37.0.2
	solaris	eq	11.3

References

www.mozilla.org/security/announce/2015/mfsa2015-93.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

bugzilla.mozilla.org/show_bug.cgi?id=1149605

hg.mozilla.org/mozilla-central/rev/87277085561a

prion 2

cve 3

android 2

ubuntucve 71

mozilla 1

openvas 4

packetstorm 1

seebug 1

zdt 1

exploitpack 1

threatpost 1

exploitdb 1

thn 2

githubexploit 1

checkpoint_advisories 1

nessus 8

veracode 1

redhat 1

centos 1

huawei 1

cert 1

kaspersky 1

freebsd 1

androidsecurity 1

securityvulns 1

mageia 1

prion

Integer overflow

2015-10-01 00:59:00

Integer overflow

2015-10-01 00:59:00

cve

CVE-2015-1538

2015-10-01 00:59:00

CVE-2015-4496

2015-08-16 01:59:00

CVE-2015-6575

2015-10-01 00:59:00

android

CVE-2015-1538

2015-08-01 00:00:00

Stagefright

2015-07-21 00:00:00

ubuntucve

CVE-2015-1538

2015-10-01 00:00:00

CVE-2015-4496

2015-08-16 00:00:00

CVE-2015-6601

2015-10-06 00:00:00

mozilla

Integer overflows in libstagefright while processing MP4 video metadata — Mozilla

2015-08-12 00:00:00

openvas

Mozilla Firefox Security Advisory (MFSA2015-93) - Linux

2021-11-11 00:00:00

Mozilla Firefox Multiple Vulnerabilities-01 (May 2015) - Mac OS X

2015-05-21 00:00:00

Mozilla Firefox Multiple Vulnerabilities-01 (May 2015) - Windows

2015-05-21 00:00:00

packetstorm

Android Stagefright Remote Code Execution

2015-09-10 00:00:00

seebug

Android Stagefright Media Playback Engine 远程代码执行漏洞

2015-09-10 00:00:00

zdt

Android Stagefright - Remote Code Execution Exploit

2015-09-09 00:00:00

exploitpack

Google Android - Stagefright Remote Code Execution

2015-09-09 00:00:00

threatpost

Android Stagefright Exploit Code Released to Public

2015-09-09 12:06:08

exploitdb

Google Android - 'Stagefright' Remote Code Execution

2015-09-09 00:00:00

thn

THN Weekly Roundup — 15 Most Popular Cyber Security and Hacking News Stories

2015-09-14 10:34:00

Android Stagefright Exploit Code Released

2015-09-11 02:11:00

githubexploit

Exploit for CVE-2015-1538

2020-05-12 17:59:48

checkpoint_advisories

Google Android Stagefright MP4 Multiple Atoms Integer Overflow (CVE-2015-1538; CVE-2015-3824; CVE-2015-3829; CVE-2015-3864)

2015-08-12 00:00:00

nessus

RHEL 5 / 6 / 7 : firefox (RHSA-2015:0988)

2015-05-13 00:00:00

CentOS 5 / 6 / 7 : firefox (CESA-2015:0988)

2015-05-13 00:00:00

Oracle Linux 5 / 6 / 7 : firefox (ELSA-2015-0988)

2015-05-13 00:00:00

veracode

Arbitrary Code Execution

2019-05-02 05:39:10

redhat

(RHSA-2015:0988) Critical: firefox security update

2015-05-12 00:00:00

centos

firefox security update

2015-05-13 00:01:13

huawei

Security Advisory - Stagefright Vulnerability in Multiple Huawei Android Products

2015-08-09 00:00:00

cert

Android Stagefright contains multiple vulnerabilities

2015-07-28 00:00:00

kaspersky

KLA10584 Multiple vulnerabilities in Mozilla products

2015-05-12 00:00:00

freebsd

mozilla -- multiple vulnerabilities

2015-05-12 00:00:00

androidsecurity

Nexus Security Bulletin—August 2015

2015-08-13 00:00:00

securityvulns

Mozilla Firefox / Thunderbird / Seamonkey / Firefox OS multiple security vulnerabilities

2015-08-31 00:00:00

mageia

Updated iceape packages fix security vulnerabilities

2015-09-08 10:20:40

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.6%

JSON

Related for PRION:CVE-2015-4496