CVE-2016-2814

Priority
Description
Heap-based buffer overflow in the
stagefright::SampleTable::parseSampleCencInfo function in libstagefright in
Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR
45.x before 45.1 allows remote attackers to execute arbitrary code via
crafted CENC offsets that lead to mismanagement of the sizes table.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (46.0)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [46.0+build5-0ubuntu0.14.04.2])
Ubuntu 16.04 LTS (Xenial Xerus):released (46.0+build5-0ubuntu0.16.04.2)
Package
Priority: Low
Upstream:not-affected
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2020-09-10 05:09:25 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)