Mozilla Foundation Security Advisory 2015-101

Buffer overflow in libvpx while parsing vp9 format video

Announced: September 22, 2015
Reporter: Khalil Zhani
Impact: Moderate
Products: Firefox, Firefox ESR, SeaMonkey, Thunderbird
Fixed in:
  • Firefox 41
  • Firefox ESR 38.3
  • SeaMonkey 2.38
  • Thunderbird 38.3

Description

Security researcher Khalil Zhani reported that a maliciously crafted vp9 format video could trigger a buffer overflow in the libvpx library while the file is being parsed. The overflow leads to a potentially exploitable crash.

In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but it is potentially a risk in browser or browser-like contexts.
