CVE-2015-4496

Advisory lineage Upstream: 0 Downstream: 3

Downstream

MGASA-2015-0342 RHSA-2015:0988 UBUNTU-CVE-2015-4496

Modified

Published: 16 Aug 2015, 01:00

Last modified:06 Aug 2024, 06:18

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.3 HIGH

v2.0 (nvd)

EPSS Score

1.51% LOW

2% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Aug 2015, 01:00

Published

Vulnerability first disclosed

06 Aug 2024, 06:18

Last Modified

Vulnerability information updated

Description

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538.

CVSS Metrics

v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 1.51%• Percentile: 82%

Techniques & Countermeasures

CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Affected Systems

mozilla•firefox
≤ 37.0.2
Unknown•Solaris
11.3