1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
PublicDateAtUSN: 2015-08-11
Candidate: CVE-2015-4480
PublicDate: 2015-08-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
https://www.mozilla.org/en-US/security/advisories/mfsa2015-83/
http://www.ubuntu.com/usn/usn-2702-1
Description:
Integer overflow in the stagefright::SampleTable::isValid function in
libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before
38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4
video data with H.264 encoding.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
Patches_firefox:
upstream_firefox: released (40.0)
precise_firefox: released (40.0+build4-0ubuntu0.12.04.1)
trusty_firefox: released (40.0+build4-0ubuntu0.14.04.1)
vivid_firefox: released (40.0+build4-0ubuntu0.15.04.1)
devel_firefox: released (40.0+build4-0ubuntu1)
|