Back to search
CVE-2016-1946
Published: Jan 31, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://hg.mozilla.org/mozilla-central/rev/2a57c0a0cf19
x_refsource_CONFIRM
1034825
vdb-entry
x_refsource_SECTRACK
USN-2880-1
vendor-advisory
x_refsource_UBUNTU
USN-2880-2
vendor-advisory
x_refsource_UBUNTU
http://www.mozilla.org/security/announce/2016/mfsa2016-10.html
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1232069
x_refsource_CONFIRM
openSUSE-SU-2016:0309
vendor-advisory
x_refsource_SUSE
81950
vdb-entry
x_refsource_BID
GLSA-201605-06
vendor-advisory
x_refsource_GENTOO
openSUSE-SU-2016:0306
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now