CVE-2015-4493

HIGH

Description

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.

References

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html

http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html

http://rhn.redhat.com/errata/RHSA-2015-1586.html

http://www.debian.org/security/2015/dsa-3333

http://www.mozilla.org/security/announce/2015/mfsa2015-83.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.securitytracker.com/id/1033247

http://www.ubuntu.com/usn/USN-2702-1

http://www.ubuntu.com/usn/USN-2702-2

http://www.ubuntu.com/usn/USN-2702-3

https://bugzilla.mozilla.org/show_bug.cgi?id=1186718

https://hg.mozilla.org/mozilla-central/rev/a674c7019cb5

https://security.gentoo.org/glsa/201605-06

Details

Source: MITRE

Published: 2015-08-16

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to 39.0.3 (inclusive)

cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
91379GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)NessusGentoo Local Security Checks
critical
8856Mozilla Firefox < 40.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
85703openSUSE Security Update : MozillaThunderbird (openSUSE-2015-559)NessusSuSE Local Security Checks
critical
85702openSUSE Security Update : MozillaThunderbird (openSUSE-2015-558)NessusSuSE Local Security Checks
critical
85578Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : firefox regression (USN-2702-3)NessusUbuntu Local Security Checks
critical
85437openSUSE Security Update : MozillaFirefox (openSUSE-2015-548)NessusSuSE Local Security Checks
critical
85436openSUSE Security Update : MozillaFirefox (openSUSE-2015-547)NessusSuSE Local Security Checks
critical
85386Firefox < 40 Multiple VulnerabilitiesNessusWindows
critical
85385Firefox ESR < 38.2 Multiple VulnerabilitiesNessusWindows
critical
85384Firefox < 40 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
85383Firefox ESR < 38.2 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
85356Debian DSA-3333-1 : iceweasel - security updateNessusDebian Local Security Checks
critical
85345Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : ubufox update (USN-2702-2)NessusUbuntu Local Security Checks
critical
85344Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : firefox vulnerabilities (USN-2702-1)NessusUbuntu Local Security Checks
critical
85343Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20150811)NessusScientific Linux Local Security Checks
critical
85342RHEL 5 / 6 / 7 : firefox (RHSA-2015:1586)NessusRed Hat Local Security Checks
critical
85339Oracle Linux 5 / 6 / 7 : firefox (ELSA-2015-1586)NessusOracle Linux Local Security Checks
critical
85338FreeBSD : mozilla -- multiple vulnerabilities (c66a5632-708a-4727-8236-d65b2d5b2739)NessusFreeBSD Local Security Checks
critical
85336CentOS 5 / 6 / 7 : firefox (CESA-2015:1586)NessusCentOS Local Security Checks
critical