Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2015-12-16 03:59
Updated : 2018-10-30 09:27
NVD link : CVE-2015-7222
Mitre link : CVE-2015-7222
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
mozilla
- firefox_esr
- firefox
fedoraproject
- fedora
opensuse
- leap
- opensuse