1
PublicDateAtUSN: 2015-08-11
2
Candidate: CVE-2015-4493
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
6
https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
7
https://usn.ubuntu.com/usn/usn-2702-1
9
Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor
10
function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR
11
38.x before 38.2 allows remote attackers to execute arbitrary code via an
12
invalid size field in an esds chunk in MPEG-4 video data, a related issue
19
Assigned-to: chrisccoulson
22
upstream_firefox: released (40.0)
23
precise_firefox: released (40.0+build4-0ubuntu0.12.04.1)
24
trusty_firefox: released (40.0+build4-0ubuntu0.14.04.1)
25
vivid_firefox: released (40.0+build4-0ubuntu0.15.04.1)
26
devel_firefox: released (40.0+build4-0ubuntu1)