CVE-2015-7213

2015-12-16 12:59:11 2018-10-30 17:27:35

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Fedora 22 Fedoraproject Fedora 23 (not an official CPE) Opensuse Leap 42.1 (not an official CPE) Opensuse Opensuse 13.1 (not an official CPE) Opensuse Opensuse 13.2 (not an official CPE)

Mozilla - Firefox esr Mozilla - Firefox Fedoraproject - Fedora Opensuse - Leap Opensuse - Opensuse

Advisory	Patch	Confirmed	Link
			79279
			http://www.oracle.com/technetwork/topics/security/linuxb...
			http://www.oracle.com/technetwork/topics/security/linuxb...
			DSA-3432
			http://www.mozilla.org/security/announce/2015/mfsa2015-1...
			DSA-3422
			RHSA-2015:2657
			openSUSE-SU-2016:0308
			openSUSE-SU-2016:0307
			openSUSE-SU-2015:2353
			openSUSE-SU-2015:2406
			openSUSE-SU-2015:2380
			SUSE-SU-2015:2336
			SUSE-SU-2015:2335
			SUSE-SU-2015:2334
			FEDORA-2015-7ab3d3afcf
			FEDORA-2015-51b1105902
			1034426
			USN-2833-1
			USN-2859-1
			https://bugzilla.mozilla.org/show_bug.cgi?id=1206211
			GLSA-201512-10

CVE-2015-7213

2015-12-16 12:59:11 2018-10-30 17:27:35

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)