Integer overflow

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

CVE-2015-7222

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service incorrect memory allocation and application crash via an MP4 video...

UBUNTU-CVE-2015-7213

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

CVE-2015-7213

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow...

Android Arbitrary Code Execution Vulnerability (CNVD-2015-06514 )

Android is an operating system based on the Linux open kernel. An arbitrary code execution vulnerability in Android to 5.1.1 LMY48M allows remote attackers to execute arbitrary code via metadata in specially crafted MP3 or MP4 files...

DEBIAN-CVE-2015-6602

libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a 1 MP3 or 2 MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x...

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code or cause system failures

The vulnerability of the CoreMedia Playback component in iOS and Mac OS X operating systems is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure using a specially crafted video file...

DEBIAN-CVE-2015-6825

The ffframethreadinit function in libavcodec/pthreadframe.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via a crafted file, as demonstrated by an A...

UBUNTU-CVE-2015-6825

The ffframethreadinit function in libavcodec/pthreadframe.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via a crafted file, as demonstrated by an A...

CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

Integer overflow

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

CVE-2015-4496

CVE-2015-4496 corresponds to a set of integer overflows in libstagefright that affect Mozilla Firefox’s handling of MPEG-4 MP4 metadata. The vulnerability arises when parsing crafted sample metadata in MP4 video files, enabling remote code execution. Affected product/component: libstagefright in ...

BlackBerry Link Codec Demux MP4 Handling Arbitrary Code Execution Vulnerability

BlackBerry Link is software that centralizes the management of devices, whether it's updating, synchronizing or switching to a new device. A security vulnerability in the handling of MP4 files by the BlackBerry Link codec demux component allows remote attackers to exploit the vulnerability to...

CVE-2015-2717

CVE-2015-2717 describes an integer overflow in the libstagefright component of Mozilla Firefox before 38.0, exploitable via MP4 metadata to cause a heap-based buffer overflow or out-of-bounds read, potentially enabling remote code execution or a denial of service. Affected software is Firefox (an...

CVE-2015-2717

Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow and out-of-bounds read via an MP4 video file containing invalid metadata...

DEBIAN-CVE-2015-3417

Use-after-free vulnerability in the ffh264freetables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references...

Exiv riffvideo.cpp Buffer Overflow Vulnerability

Exiv2 is a C++ class library for extracting EXIF, LPTC and XMP metadata information from images. A buffer overflow vulnerability in the RiffVideo::infoTagsHandler function in Exiv2 riffvideo.cpp allows an attacker to construct an AVI file containing extra-long IKEY INFO tagged values, tricking th...

PYSEC-2015-36

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...