CVE-2015-2717

2015-05-14 12:59:10 2018-10-30 17:27:35

Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Opensuse Opensuse 13.2 (not an official CPE) Opensuse Opensuse 13.1 (not an official CPE)

Mozilla Firefox 37.0.2

Opensuse - Opensuse Mozilla - Firefox

Advisory	Patch	Confirmed	Link
			https://bugzilla.mozilla.org/show_bug.cgi?id=1154683
			74611
			USN-2602-1
			http://www.oracle.com/technetwork/topics/security/bullet...
			http://www.mozilla.org/security/announce/2015/mfsa2015-5...
			openSUSE-SU-2015:0934
			GLSA-201605-06

CVE-2015-2717

2015-05-14 12:59:10 2018-10-30 17:27:35

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)