UBUNTU-CVE-2015-4480

Advisory lineage Upstream: 1 Downstream: 1
Upstream
CVE-2015-4480
Downstream
USN-2702-1
Published: 11 Aug 2015, 00:00
Last modified:22 Apr 2026, 10:10

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

11 Aug 2015, 00:00
Published
Vulnerability first disclosed
22 Apr 2026, 10:10
Last Modified
Vulnerability information updated

Description

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.

Affected Systems

  • ubuntufirefox

    < 40.0+build4-0ubuntu0.14.04.1

References (4)