CVE-2015-7213

Mozilla: Integer overflow in MP4 playback in 64-bit versions (MFSA 2015-146)

Severity Score

6.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.

Desbordamiento de entero en la función MPEG4Extractor::readMetaData en MPEG4Extractor.cpp en libstagefright en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.5 en plataformas 64-bit permite a atacantes remotos ejecutar código arbitrario a través de un archivo de vídeo MP4 manipulado que desencadena un desbordamiento de buffer.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-09-16 CVE Reserved
2015-12-16 CVE Published
2024-08-06 CVE Updated
2024-08-22 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-189: Numeric Errors
CWE-190: Integer Overflow or Wraparound

CAPEC

References (24)

URL	Tag	Source
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	X_refsource_confirm
http://www.securityfocus.com/bid/79279	Vdb Entry
http://www.securitytracker.com/id/1034426	Vdb Entry
https://bugzilla.mozilla.org/show_bug.cgi?id=1206211	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html	2018-10-30
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00049.html	2018-10-30
http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html	2018-10-30
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html	2018-10-30
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html	2018-10-30
http://rhn.redhat.com/errata/RHSA-2015-2657.html	2018-10-30
http://www.debian.org/security/2015/dsa-3422	2018-10-30
http://www.debian.org/security/2016/dsa-3432	2018-10-30
http://www.mozilla.org/security/announce/2015/mfsa2015-146.html	2018-10-30
http://www.ubuntu.com/usn/USN-2833-1	2018-10-30
http://www.ubuntu.com/usn/USN-2859-1	2018-10-30
https://security.gentoo.org/glsa/201512-10	2018-10-30
https://access.redhat.com/security/cve/CVE-2015-7213	2016-01-05
https://bugzilla.redhat.com/show_bug.cgi?id=1291596	2016-01-05

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Opensuse Search vendor "Opensuse"		Leap Search vendor "Opensuse" for product "Leap"				42.1 Search vendor "Opensuse" for product "Leap" and version "42.1"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				22 Search vendor "Fedoraproject" for product "Fedora" and version "22"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				23 Search vendor "Fedoraproject" for product "Fedora" and version "23"		-		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.0 Search vendor "Mozilla" for product "Firefox Esr" and version "38.0"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.0.1 Search vendor "Mozilla" for product "Firefox Esr" and version "38.0.1"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.0.5 Search vendor "Mozilla" for product "Firefox Esr" and version "38.0.5"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.1.0 Search vendor "Mozilla" for product "Firefox Esr" and version "38.1.0"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.1.1 Search vendor "Mozilla" for product "Firefox Esr" and version "38.1.1"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.2.0 Search vendor "Mozilla" for product "Firefox Esr" and version "38.2.0"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.2.1 Search vendor "Mozilla" for product "Firefox Esr" and version "38.2.1"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.3.0 Search vendor "Mozilla" for product "Firefox Esr" and version "38.3.0"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Esr Search vendor "Mozilla" for product "Firefox Esr"				38.4.0 Search vendor "Mozilla" for product "Firefox Esr" and version "38.4.0"		x64		Affected
Mozilla Search vendor "Mozilla"		Firefox Search vendor "Mozilla" for product "Firefox"				<= 42.0 Search vendor "Mozilla" for product "Firefox" and version " <= 42.0"		x64		Affected