Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox prior to 46.0, Firefox ESR 38.x prior to 38.8, and Firefox ESR 45.x prior to 45.1 allows remote malicious users to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 38.4.0 |
||
mozilla firefox esr 38.3.0 |
||
mozilla firefox esr 38.0 |
||
mozilla firefox |
||
mozilla firefox esr 38.5.1 |
||
mozilla firefox esr 38.5.0 |
||
mozilla firefox esr 38.0.5 |
||
mozilla firefox esr 38.0.1 |
||
mozilla firefox esr 38.7.1 |
||
mozilla firefox esr 38.7.0 |
||
mozilla firefox esr 38.2.1 |
||
mozilla firefox esr 38.2.0 |
||
mozilla firefox 45.0.1 |
||
mozilla firefox esr 38.6.1 |
||
mozilla firefox esr 38.6.0 |
||
mozilla firefox esr 38.1.1 |
||
mozilla firefox esr 38.1.0 |