Mozilla Foundation Security Advisory 2015-80

Out-of-bounds read with malformed MP3 file

Announced

August 11, 2015

Reporter

Aki Helin

Impact

High

Products

Firefox, Firefox ESR, Firefox OS, SeaMonkey

Fixed in

Firefox 40
Firefox ESR 38.2
Firefox OS 2.5
SeaMonkey 2.35

Description

Security researcher Aki Helin used the Address Sanitizer tool to discover an out-of-bounds read during playback of a malformed MP3 format audio file which switches sample formats. This could trigger a potentially exploitable crash or the reading of out-of-bounds memory content in some circumstances.

References

out of bounds read at mozilla::AudioSink (CVE-2015-4475)

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Privacy Promise

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Product Promise

Firefox Relay

MDN Plus

Mozilla Manifesto

Mozilla Foundation

Get involved

Leadership

Careers

Mozilla Blog

Firefox Developer Edition

MDN Web Docs

Common Voice

Mozilla Innovation Projects

Mozilla Foundation Security Advisory 2015-80

Out-of-bounds read with malformed MP3 file

Description

References