HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2015-4479

CVSS 10.0v2.0pub. 2015-08-16upd. 2026-05-06

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Canonical Ubuntu

    OS
    Canonical
    12.0414.0415.04
  • Mozilla Firefox

    APP
    Mozilla
    38.038.0.138.0.538.1.0≤ 39.0.3
  • Opensuse

    OS
    Opensuse
    13.113.2
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2024-9680CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Use-after-free w Animation timelines Firefox/Thunderbird — RCE

CVE-2022-26486CRITICAL9.6⚠ KEVten sam produkt

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escap...

CVE-2022-0543CRITICAL10.0⚠ KEVten sam produkt

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debia...

CVE-2020-11651CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...