SUSE CVE-2015-4511

Heap-based buffer overflow in the nesteggtrackcodecdata function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video...

nestegg/fuzz: Global-buffer-overflow in ne_find_element

Project: https://github.com/kinetiknz/nestegg.git Detailed report: https://oss-fuzz.com/testcase?key=5729846619013120 Project: nestegg Fuzzer: libFuzzernesteggfuzz Fuzz target binary: fuzz Job Type: libfuzzerasannestegg Platform Id: linux Crash Type: Global-buffer-overflow READ 8 Crash Address:...

Mozilla Firefox and Firefox ESR 'nestegg_track_codec_data' heap buffer overflow vulnerability

Mozilla Firefox is an open source web browser. A buffer overflow vulnerability exists in Mozilla Firefox 'nesteggtrackcodecdata', which allows remote attackers to exploit specially crafted headers in WebM videos to crash an application or execute arbitrary code...

Mozilla: Buffer overflow while decoding WebM video (MFSA 2015-105)

Heap-based buffer overflow in the nesteggtrackcodecdata function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video...

Buffer overflow while decoding WebM video — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen discovered a buffer overflow in the nestegg library when decoding a WebM format video with maliciously formatted headers. This leads to a potentially exploitable crash...