gsd - gsd-2015-4475

gsd-2015-4475

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.

Aliases

CVE-2015-4475

Aliases

CVE-2015-4475

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-4475",
    "description": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.",
    "id": "GSD-2015-4475",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-4475.html",
      "https://access.redhat.com/errata/RHSA-2015:1586",
      "https://ubuntu.com/security/CVE-2015-4475",
      "https://advisories.mageia.org/CVE-2015-4475.html",
      "https://linux.oracle.com/cve/CVE-2015-4475.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-4475"
      ],
      "details": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.",
      "id": "GSD-2015-4475",
      "modified": "2023-12-13T01:19:59.555263Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@mozilla.org",
        "ID": "CVE-2015-4475",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "SUSE-SU-2015:2081",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
          },
          {
            "name": "openSUSE-SU-2015:1454",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html"
          },
          {
            "name": "USN-2702-3",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2702-3"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1175396",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1175396"
          },
          {
            "name": "openSUSE-SU-2015:1389",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html"
          },
          {
            "name": "openSUSE-SU-2015:1453",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html"
          },
          {
            "name": "RHSA-2015:1586",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1586.html"
          },
          {
            "name": "76294",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/76294"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "name": "SUSE-SU-2015:1528",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html"
          },
          {
            "name": "1033247",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1033247"
          },
          {
            "name": "USN-2702-2",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2702-2"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-80.html",
            "refsource": "CONFIRM",
            "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-80.html"
          },
          {
            "name": "USN-2702-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2702-1"
          },
          {
            "name": "GLSA-201605-06",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201605-06"
          },
          {
            "name": "SUSE-SU-2015:1449",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2015:1390",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "39.0.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2015-4475"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-80.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-80.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1175396",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1175396"
            },
            {
              "name": "openSUSE-SU-2015:1389",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html"
            },
            {
              "name": "USN-2702-2",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-2702-2"
            },
            {
              "name": "openSUSE-SU-2015:1390",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html"
            },
            {
              "name": "USN-2702-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-2702-1"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
            },
            {
              "name": "76294",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/76294"
            },
            {
              "name": "GLSA-201605-06",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201605-06"
            },
            {
              "name": "SUSE-SU-2015:2081",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
            },
            {
              "name": "openSUSE-SU-2015:1454",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html"
            },
            {
              "name": "openSUSE-SU-2015:1453",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html"
            },
            {
              "name": "SUSE-SU-2015:1528",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html"
            },
            {
              "name": "SUSE-SU-2015:1449",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
            },
            {
              "name": "USN-2702-3",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-2702-3"
            },
            {
              "name": "1033247",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1033247"
            },
            {
              "name": "RHSA-2015:1586",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1586.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:27Z",
      "publishedDate": "2015-08-16T01:59Z"
    }
  }
}

CVE-2015-4475 (GCVE-0-2015-4475)

Vulnerability from cvelistv5

Published

2015-08-16 01:00

Modified

2024-08-06 06:18

Severity ?

CWE

Summary

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2702-3	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.mozilla.org/show_bug.cgi?id=1175396	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1586.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/76294	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1033247	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2702-2	vendor-advisory, x_refsource_UBUNTU
	http://www.mozilla.org/security/announce/2015/mfsa2015-80.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2702-1	vendor-advisory, x_refsource_UBUNTU
	https://security.gentoo.org/glsa/201605-06	vendor-advisory, x_refsource_GENTOO
	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website