Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

CVE-2015-7213

Published: 15 December 2015

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.

Priority

Medium

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian 		upstream
Released (43.0)
precise
Released (43.0+build1-0ubuntu0.12.04.1)
trusty Does not exist
(trusty was released [43.0+build1-0ubuntu0.14.04.1])
vivid
Released (43.0+build1-0ubuntu0.15.04.1)
wily
Released (43.0+build1-0ubuntu0.15.10.1)
thunderbird
Launchpad, Ubuntu, Debian 		upstream
Released (38.5.1)
precise
Released (1:38.5.1+build2-0ubuntu0.12.04.1)
trusty Does not exist
(trusty was released [1:38.5.1+build2-0ubuntu0.14.04.1])
vivid
Released (1:38.5.1+build2-0ubuntu0.15.04.1)
wily
Released (1:38.5.1+build2-0ubuntu0.15.10.1)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading