CVE-2016-2814 (retired)

Priority
Description
Heap-based buffer overflow in the
stagefright::SampleTable::parseSampleCencInfo function in libstagefright in
Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR
45.x before 45.1 allows remote attackers to execute arbitrary code via
crafted CENC offsets that lead to mismanagement of the sizes table.
Assigned-to
chrisccoulson
Package
Upstream:released (46.0)
Ubuntu 16.04 LTS (Xenial Xerus):released (46.0+build5-0ubuntu0.16.04.2)
Package
Priority: Low
Upstream:not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-09-19 15:57:39 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)