1
PublicDateAtUSN: 2015-12-15
2
Candidate: CVE-2015-7222
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7222
6
https://www.mozilla.org/en-US/security/advisories/mfsa2015-147/
7
https://usn.ubuntu.com/usn/usn-2833-1
9
Integer underflow in the Metadata::setData function in MetaData.cpp in
10
libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before
11
38.5 allows remote attackers to execute arbitrary code or cause a denial of
12
service (incorrect memory allocation and application crash) via an MP4
13
video file with crafted covr metadata that triggers a buffer overflow.
19
Assigned-to: chrisccoulson
22
upstream_firefox: released (43.0)
23
precise_firefox: released (43.0+build1-0ubuntu0.12.04.1)
24
trusty_firefox: released (43.0+build1-0ubuntu0.14.04.1)
25
vivid_firefox: released (43.0+build1-0ubuntu0.15.04.1)
26
wily_firefox: released (43.0+build1-0ubuntu0.15.10.1)
27
devel_firefox: released (43.0+build1-0ubuntu1)