10
CVSSv2

CVE-2015-4485

Published: 16/08/2015 Updated: 30/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 allows remote malicious users to execute arbitrary code via malformed WebM video data.

Vendor Advisories

Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 400 and Firefox ESR 38x before 382 allows remote attackers to execute arbitrary code via malformed WebM video data ...
Buffer overflows on Libvpx when decoding WebM video Announced August 11, 2015 Reporter Abhishek Arya Impact Critical Products Firefox, Firefox ESR, Firefox OS, SeaMonkey Fixed in ...
This update provides compatible packages for Firefox 40 ...
USN-2702-1 introduced a regression in Firefox ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Oracle Solaris Third Party Bulletin - April 2016 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Upda ...