Bugzilla – Bug 941777
VUL-0: CVE-2015-4496: MFSA 2015-93: MozillaFirefox: Integer overflows in libstagefright while processing MP4 video metadata (MFSA 2015-93)
Last modified: 2015-09-10 15:14:24 UTC
https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/ Mozilla Foundation Security Advisory 2015-93 Integer overflows in libstagefright while processing MP4 video metadata Announced: August 12, 2015 Reporter: Joshua Drake Impact: Critical Products: Firefox Fixed in: Firefox 38 Description Security researcher Joshua Drake reported potential integer overflows in the libstagefright library while processing video sample metadata in MPEG4 video files. This can lead to a potentially exploitable crash. References https://bugzilla.mozilla.org/show_bug.cgi?id=1149605 (CVE-2015-4496) This issue was addressed by 38.0 ESR via bug 940806. References: https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/ https://bugzilla.redhat.com/show_bug.cgi?id=1253550 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4496
bugbot adjusting priority
Unless you want to change the changelog, I guess we can mark this as depending on bug 940806, right?
rel;eased *** This bug has been marked as a duplicate of bug 940806 ***