CVE-2015-4493 (retired)

Priority
Description
Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor
function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR
38.x before 38.2 allows remote attackers to execute arbitrary code via an
invalid size field in an esds chunk in MPEG-4 video data, a related issue
to CVE-2015-1539.
Assigned-to
chrisccoulson
Package
Upstream:released (40.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (40.0+build4-0ubuntu0.14.04.1)
More Information

Updated: 2019-03-26 12:15:38 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)