CVE-2015-4475

The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mozillaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
mozillafirefox
𝑥
≤ 39.0.3
mozillafirefox
38.0
mozillafirefox
38.0.1
mozillafirefox
38.0.5
mozillafirefox
38.1.0
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.04
opensuseopensuse
13.1
opensuseopensuse
13.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
vivid
Fixed 40.0+build4-0ubuntu0.15.04.1
released
trusty
Fixed 40.0+build4-0ubuntu0.14.04.1
released
precise
Fixed 40.0+build4-0ubuntu0.12.04.1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
http://rhn.redhat.com/errata/RHSA-2015-1586.html
http://www.mozilla.org/security/announce/2015/mfsa2015-80.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/76294
http://www.securitytracker.com/id/1033247
http://www.ubuntu.com/usn/USN-2702-1
http://www.ubuntu.com/usn/USN-2702-2
http://www.ubuntu.com/usn/USN-2702-3
https://bugzilla.mozilla.org/show_bug.cgi?id=1175396
https://security.gentoo.org/glsa/201605-06
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
http://rhn.redhat.com/errata/RHSA-2015-1586.html
http://www.mozilla.org/security/announce/2015/mfsa2015-80.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/76294
http://www.securitytracker.com/id/1033247
http://www.ubuntu.com/usn/USN-2702-1
http://www.ubuntu.com/usn/USN-2702-2
http://www.ubuntu.com/usn/USN-2702-3
https://bugzilla.mozilla.org/show_bug.cgi?id=1175396
https://security.gentoo.org/glsa/201605-06