Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-0829

Published: 25/02/2015 Updated: 30/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Ubuntu Linux

Vulnerability Summary

Buffer overflow in libstagefright in Mozilla Firefox prior to 36.0 allows remote malicious users to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 14.04

canonical ubuntu linux 14.10

canonical ubuntu linux 12.04

opensuse opensuse 13.2

opensuse opensuse 13.1

mozilla firefox 33.0

mozilla firefox 32.0

mozilla firefox 3.6.4

mozilla firefox 3.6.3

mozilla firefox 3.6.22

mozilla firefox 3.6.21

mozilla firefox 3.6.15

mozilla firefox 3.6.14

mozilla firefox 3.6.13

mozilla firefox 3.5.7

mozilla firefox 3.5.6

mozilla firefox 3.5.17

mozilla firefox 3.5.16

mozilla firefox 3.5

mozilla firefox 3.0.9

mozilla firefox 3.0.2

mozilla firefox 3.0.19

mozilla firefox 3.0.12

mozilla firefox 3.0.11

mozilla firefox 27.0

mozilla firefox 26.0

mozilla firefox 23.0

mozilla firefox 22.0

mozilla firefox 2.0.0.6

mozilla firefox 2.0.0.5

mozilla firefox 2.0.0.16

mozilla firefox 2.0.0.15

mozilla firefox 2.0

mozilla firefox 19.0.2

mozilla firefox 17.0.8

mozilla firefox 17.0.7

mozilla firefox 17.0.1

mozilla firefox 17.0

mozilla firefox 31.1.0

mozilla firefox 31.0

mozilla firefox 30.0

mozilla firefox 3.6.28

mozilla firefox 3.6.27

mozilla firefox 3.6.20

mozilla firefox 3.6.2

mozilla firefox 3.6.12

mozilla firefox 3.6.11

mozilla firefox 3.5.5

mozilla firefox 3.5.4

mozilla firefox 3.5.15

mozilla firefox 3.5.14

mozilla firefox 3.0.8

mozilla firefox 3.0.7

mozilla firefox 3.0.18

mozilla firefox 3.0.17

mozilla firefox 3.0.10

mozilla firefox 3.0.1

mozilla firefox 25.0.1

mozilla firefox 25.0

mozilla firefox 21.0

mozilla firefox 20.0.1

mozilla firefox 2.0.0.4

mozilla firefox 2.0.0.3

mozilla firefox 2.0.0.14

mozilla firefox 2.0.0.13

mozilla firefox 3.6.9

mozilla firefox 3.6.8

mozilla firefox 3.6.26

mozilla firefox 3.6.25

mozilla firefox 3.6.19

mozilla firefox 3.6.18

mozilla firefox 3.6.10

mozilla firefox 3.6

mozilla firefox 3.5.3

mozilla firefox 3.5.2

mozilla firefox 3.5.13

mozilla firefox 3.5.12

mozilla firefox 3.0.6

mozilla firefox 3.0.5

mozilla firefox 3.0.16

mozilla firefox 3.0.15

mozilla firefox 3.0

mozilla firefox 29.0.1

mozilla firefox 24.1.1

mozilla firefox 24.1

mozilla firefox 20.0

mozilla firefox 2.0.0.9

mozilla firefox 2.0.0.20

mozilla firefox 2.0.0.2

mozilla firefox 2.0.0.19

mozilla firefox 2.0.0.12

mozilla firefox 2.0.0.11

mozilla firefox 18.0.2

mozilla firefox 18.0.1

mozilla firefox 17.0.3

mozilla firefox 17.0.2

mozilla firefox 16.0

mozilla firefox 15.0.1

mozilla firefox 12.0

mozilla firefox 11.0

mozilla firefox 10.0.2

mozilla firefox 10.0.12

mozilla firefox 4.0

mozilla firefox 7.0

mozilla firefox 7.0.1

mozilla firefox 1.5.7

mozilla firefox 1.5.6

mozilla firefox 1.5.0.8

mozilla firefox 1.5.0.7

mozilla firefox 1.5.0.10

mozilla firefox 1.5.0.1

mozilla firefox 1.0.6

mozilla firefox 1.0.5

mozilla firefox 0.9.3

mozilla firefox 0.9.2

mozilla firefox 0.9.1

mozilla firefox 0.6

mozilla firefox 0.5

mozilla firefox 14.0

mozilla firefox 13.0.1

mozilla firefox 10.0.7

mozilla firefox 10.0.6

mozilla firefox 10.0.5

mozilla firefox 10.0.1

mozilla firefox 10.0

mozilla firefox 5.0

mozilla firefox 5.0.1

mozilla firefox 6.0

mozilla firefox 9.0

mozilla firefox 9.0.1

mozilla firefox 1.5.3

mozilla firefox 1.5.2

mozilla firefox 1.5.0.3

mozilla firefox 1.5.0.2

mozilla firefox 1.5

mozilla firefox 1.4.1

mozilla firefox 1.0.2

mozilla firefox 1.0.1

mozilla firefox 0.8

mozilla firefox 0.7.1

mozilla firefox 0.2

mozilla firefox 0.10.1

mozilla firefox 19.0.1

mozilla firefox 19.0

mozilla firefox 17.0.6

mozilla firefox 17.0.5

mozilla firefox 17.0.4

mozilla firefox 16.0.2

mozilla firefox 16.0.1

mozilla firefox 13.0

mozilla firefox 10.0.4

mozilla firefox 10.0.3

mozilla firefox 6.0.1

mozilla firefox 6.0.2

mozilla firefox 1.8

mozilla firefox 1.5.8

mozilla firefox 1.5.1

mozilla firefox 1.5.0.9

mozilla firefox 1.5.0.12

mozilla firefox 1.5.0.11

mozilla firefox 1.0.8

mozilla firefox 1.0.7

mozilla firefox 1.0

mozilla firefox 0.7

mozilla firefox 0.6.1

mozilla firefox 0.10

mozilla firefox 0.1

mozilla firefox

mozilla firefox 34.0.5

mozilla firefox 3.6.7

mozilla firefox 3.6.6

mozilla firefox 3.6.24

mozilla firefox 3.6.23

mozilla firefox 3.6.17

mozilla firefox 3.6.16

mozilla firefox 3.5.9

mozilla firefox 3.5.8

mozilla firefox 3.5.19

mozilla firefox 3.5.18

mozilla firefox 3.5.11

mozilla firefox 3.5.10

mozilla firefox 3.5.1

mozilla firefox 3.0.4

mozilla firefox 3.0.3

mozilla firefox 3.0.14

mozilla firefox 3.0.13

mozilla firefox 29.0

mozilla firefox 28.0

mozilla firefox 27.0.1

mozilla firefox 24.0

mozilla firefox 23.0.1

mozilla firefox 2.0.0.8

mozilla firefox 2.0.0.7

mozilla firefox 2.0.0.18

mozilla firefox 2.0.0.17

mozilla firefox 2.0.0.10

mozilla firefox 2.0.0.1

mozilla firefox 18.0

mozilla firefox 17.0.9

mozilla firefox 17.0.11

mozilla firefox 17.0.10

mozilla firefox 15.0

mozilla firefox 14.0.1

mozilla firefox 10.0.9

mozilla firefox 10.0.8

mozilla firefox 10.0.11

mozilla firefox 10.0.10

mozilla firefox 4.0.1

mozilla firefox 8.0

mozilla firefox 8.0.1

mozilla firefox 1.5.5

mozilla firefox 1.5.4

mozilla firefox 1.5.0.6

mozilla firefox 1.5.0.5

mozilla firefox 1.5.0.4

mozilla firefox 1.0.4

mozilla firefox 1.0.3

mozilla firefox 0.9

mozilla firefox 0.4

mozilla firefox 0.3

oracle solaris 11.3

Vendor Advisories

Ubuntu Security Notice: firefox regression
USN-2505-1 introduced a regression in Firefox ...
Ubuntu Security Notice: firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Mozilla: Buffer overflow in libstagefright during MP4 video playback
Mozilla Foundation Security Advisory 2015-17 Buffer overflow in libstagefright during MP4 video playback Announced February 24, 2015 Reporter Pantrombka Impact Critical Products Firefox, Firefox OS, SeaMonkey Fixed in ...

Recent Articles

Firefox 36 swats bugs, adds HTTP2 and gets certifiably serious
The Register • Darren Pauli • 26 Feb 2015

Three big bads, six medium messes and 1024-bit certs all binned in one release

Mozilla has outfoxed three critical and six high severity flaws in its latest round of patches for its flagship browser. It stomps out memory safety bugs, exploitable use-after-free crashes, and a buffer overflow. Of the critical crashes, bad guys could potentially craft attacks targeting MP4 video playback through a buffer overflow in the libstagefright library (CVE-2015-0829). Another potential exploitable crash that is unlikely to be a threat in email clients where scripting was disabled ce...

Read more...

References

CWE-119http://www.mozilla.org/security/announce/2015/mfsa2015-17.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1128939http://www.securitytracker.com/id/1031791http://www.securityfocus.com/bid/72741http://www.ubuntu.com/usn/USN-2505-1http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.htmlhttp://lists.opensuse.org/opensuse-updates/2015-03/msg00067.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlhttps://security.gentoo.org/glsa/201504-01https://nvd.nist.govhttps://usn.ubuntu.com/2505-2/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook