1. Home
  2. Vulnerabilities
  3. CVE-2015-7213

CVE-2015-7213

CVSS v2.0 6.8 (Medium)
68% Progress
EPSS 5.55 % (93th)
5.55% Progress
Affected Products 5
Advisories 13
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.

Weaknesses
CWE-189
Numeric Errors
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2015-12-16 11:59:11
(8 years ago)
Updated Date
2018-10-30 16:27:35
(5 years ago)

Affected Products

Fedoraproject

Mozilla

Opensuse

Configuration #1

    CPE23 From Up To
  Opensuse Leap 42.1 cpe:2.3:o:opensuse:leap:42.1
  Opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1
  Opensuse 13.2 cpe:2.3:o:opensuse:opensuse:13.2

Configuration #2

    CPE23 From Up To
  Fedoraproject Fedora 22 cpe:2.3:o:fedoraproject:fedora:22
  Fedoraproject Fedora 23 cpe:2.3:o:fedoraproject:fedora:23

Configuration #3

    CPE23 From Up To
  Mozilla Firefox Esr 38.0 on X64 cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.0.1 on X64 cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.0.5 on X64 cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.1.0 on X64 cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.1.1 on X64 cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.2.0 on X64 cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.2.1 on X64 cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.3.0 on X64 cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:x64
  Mozilla Firefox Esr 38.4.0 on X64 cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:x64

Configuration #4

    CPE23 From Up To
  Mozilla Firefox on X64 42.0 and prior versions cpe:2.3:a:mozilla:firefox::*:*:*:*:*:x64 <= 42.0