NVD

Id
18799  
Name
CVE-2016-2814  
Description
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-04-30  
Modified Date
2016-11-30  
Seq
2016-2814  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
104293 18799 CVE-2016-2814 openSUSE-SU-2016:1211  View
104294 18799 CVE-2016-2814 SUSE-SU-2016:1258  View
104295 18799 CVE-2016-2814 SUSE-SU-2016:1352  View
104296 18799 CVE-2016-2814 SUSE-SU-2016:1374  View
104297 18799 CVE-2016-2814 openSUSE-SU-2016:1251  View
104298 18799 CVE-2016-2814 RHSA-2016:0695  View
104299 18799 CVE-2016-2814 DSA-3559  View
104300 18799 CVE-2016-2814 http://www.mozilla.org/security/announce/2016/mfsa2016-44.html  View
104301 18799 CVE-2016-2814 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html  View
104302 18799 CVE-2016-2814 1035692  View
104303 18799 CVE-2016-2814 USN-2936-1  View
104304 18799 CVE-2016-2814 USN-2936-2  View
104305 18799 CVE-2016-2814 USN-2936-3  View
104306 18799 CVE-2016-2814 https://bugzilla.mozilla.org/show_bug.cgi?id=1254721  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
1656 JVNDB-2016-002429 Mozilla Firefox の libstagefright におけるヒープベースのバッファオーバーフローの脆弱性 Mozilla Firefox の libstagefright の stagefright::SampleTable::parseSampleCencInfo 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2016-2814 89320 CVE-2016-2814 18799 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-002429.html 2016-04-26 2016-05-06 View