Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2015-17

Buffer overflow in libstagefright during MP4 video playback

Announced
February 24, 2015
Reporter
Pantrombka
Impact
Critical
Products
Firefox, Firefox OS, SeaMonkey
Fixed in
  • Firefox 36
  • Firefox OS 2.2
  • SeaMonkey 2.33

Description

Security researcher Pantrombka reported a buffer overflow in the libstagefright library during video playback when certain invalid MP4 video files led to the allocation of a buffer that was too small for the content. This led to a potentially exploitable crash.

References