Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-4475

Source

Mozilla Foundation Security Advisory 2015-80

Out-of-bounds read with malformed MP3 file

Announced

August 11, 2015

Reporter

Aki Helin

Impact

High

Products

Firefox, Firefox ESR, Firefox OS, SeaMonkey

Fixed in

Firefox 40
Firefox ESR 38.2
Firefox OS 2.5
SeaMonkey 2.35

Description

Security researcher Aki Helin used the Address Sanitizer tool to discover an out-of-bounds read during playback of a malformed MP3 format audio file which switches sample formats. This could trigger a potentially exploitable crash or the reading of out-of-bounds memory content in some circumstances.

References

out of bounds read at mozilla::AudioSink (CVE-2015-4475)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Out-of-bounds read with malformed MP3 file

Out-of-bounds read with malformed MP3 file

Description

References

Vulmon Search

About

Products

Connect