Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Mozilla Firefox esr 38.4.0 (not an official CPE)
Mozilla Firefox esr 38.3.0 (not an official CPE)
Mozilla Firefox esr 38.2.1 (not an official CPE)
Mozilla Firefox esr 38.2.0 (not an official CPE)
Mozilla Firefox esr 38.1.1 (not an official CPE)
Mozilla Firefox esr 38.1.0 (not an official CPE)
Mozilla Firefox esr 38.0.5 (not an official CPE)
Mozilla Firefox esr 38.0.1 (not an official CPE)
Mozilla Firefox esr 38.0 (not an official CPE)
Mozilla Firefox 42.0 (not an official CPE)