CVE-2015-7213

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x64:*

History

22 Oct 2024, 13:42

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:x64:*
cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*

Information

Published : 2015-12-16 11:59

Updated : 2024-10-22 13:42


NVD link : CVE-2015-7213

Mitre link : CVE-2015-7213

CVE.ORG link : CVE-2015-7213


JSON object : View

Products Affected

opensuse

  • opensuse
  • leap

mozilla

  • firefox

fedoraproject

  • fedora
CWE
CWE-189

Numeric Errors