CVE-2015-4475: Buffer Overflow
First published: Sun Aug 16 2015(Updated: )
The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <=39.0.3 | |
| Mozilla Firefox ESR | =38.0 | |
| Mozilla Firefox ESR | =38.0.1 | |
| Mozilla Firefox ESR | =38.0.5 | |
| Mozilla Firefox ESR | =38.1.0 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.04 | |
| openSUSE openSUSE | =13.1 | |
| openSUSE openSUSE | =13.2 | |
| Mozilla Firefox | =38.0 | |
| Mozilla Firefox | =38.0.1 | |
| Mozilla Firefox | =38.0.5 | |
| Mozilla Firefox | =38.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
- http://rhn.redhat.com/errata/RHSA-2015-1586.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-80.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securityfocus.com/bid/76294
- http://www.securitytracker.com/id/1033247
- http://www.ubuntu.com/usn/USN-2702-1
- http://www.ubuntu.com/usn/USN-2702-2
- http://www.ubuntu.com/usn/USN-2702-3
- https://bugzilla.mozilla.org/show_bug.cgi?id=1175396
- https://security.gentoo.org/glsa/201605-06
- agent/type
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/39.0.3
- canonical/mozilla firefox esr
- version/mozilla firefox esr/38.0
- version/mozilla firefox esr/38.0.1
- version/mozilla firefox esr/38.0.5
- version/mozilla firefox esr/38.1.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.04
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- version/opensuse opensuse/13.2
- version/mozilla firefox/38.0
- version/mozilla firefox/38.0.1
- version/mozilla firefox/38.0.5
- version/mozilla firefox/38.1.0