CVE-2015-4496

2015-08-16 03:59:22 2016-11-15 21:10:14

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Oracle Solaris 11.3 (not an official CPE)

Mozilla Firefox 37.0.2

Oracle - Solaris Mozilla - Firefox

Advisory	Patch	Confirmed	Link
			http://www.oracle.com/technetwork/topics/security/bullet...
			https://bugzilla.mozilla.org/show_bug.cgi?id=1149605
			https://hg.mozilla.org/mozilla-central/rev/87277085561a
			http://www.mozilla.org/security/announce/2015/mfsa2015-9...

Numeric Errors (ID 189)

Related CVE(s) 1 CVE-2015-1538 CVSS 10