CVE-2015-4485
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2015-4485
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2015-4485.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2015-4485
- Related
- Published
- 2015-08-16T01:59:13Z
- Modified
- 2024-10-22T13:42:14Z
- Summary
- [none]
- Details
-
Heap-based buffer overflow in the resizecontextbuffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.
- References
-
- http://rhn.redhat.com/errata/RHSA-2015-1586.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-89.html
- http://www.ubuntu.com/usn/USN-2702-1
- http://www.ubuntu.com/usn/USN-2702-2
- http://www.ubuntu.com/usn/USN-2702-3
- https://security.gentoo.org/glsa/201605-06
- https://bugzilla.mozilla.org/show_bug.cgi?id=1177948
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securitytracker.com/id/1033247
- https://security-tracker.debian.org/tracker/CVE-2015-4485
Affected packages
Debian:11 / libvpx
Package
- Name
- libvpx
- Purl
- pkg:deb/debian/libvpx?arch=source
Debian:12 / libvpx
Package
- Name
- libvpx
- Purl
- pkg:deb/debian/libvpx?arch=source
Debian:13 / libvpx
Package
- Name
- libvpx
- Purl
- pkg:deb/debian/libvpx?arch=source