CVE-2016-1946

Priority
Description
The MoofParser::Metadata function in binding/MoofParser.cpp in
libstagefright in Mozilla Firefox before 44.0 does not limit the size of
read operations, which might allow remote attackers to cause a denial of
service (integer overflow and buffer overflow) or possibly have unspecified
other impact via crafted metadata.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (44.0)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [44.0+build3-0ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (44.0+build3-0ubuntu1)
Package
Priority: Low
Upstream:not-affected
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-12-05 18:44:17 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)