CVE-2016-2814

Priority
Description
Heap-based buffer overflow in the
stagefright::SampleTable::parseSampleCencInfo function in libstagefright in
Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR
45.x before 45.1 allows remote attackers to execute arbitrary code via
crafted CENC offsets that lead to mismanagement of the sizes table.
Assigned-to
chrisccoulson
Package
Upstream:released (46.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (46.0+build5-0ubuntu0.14.04.2)
Ubuntu 16.04 LTS (Xenial Xerus):released (46.0+build5-0ubuntu0.16.04.2)
Package
Priority: Low
Upstream:not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-03-19 12:25:49 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)