Mozilla

Mozilla Foundation Security Advisory 2015-146

Integer overflow in MP4 playback in 64-bit versions

Announced
December 15, 2015
Reporter
Ronald Crane
Impact
High
Products
Firefox, Firefox ESR, Thunderbird
Fixed in
  • Firefox 43
  • Firefox ESR 38.5
  • Thunderbird 38.5

Description

Security researcher Ronald Crane reported a vulnerability found through code inspection. This issue is an integer overflow while processing an MP4 format video file when an a erroneously-small buffer is allocated and then overrun, resulting in a potentially exploitable crash.

This issue only affects 64-bit versions with 32-bit versions being unaffected.

In general this flaw cannot be exploited through email in the Thunderbird product, but is potentially a risk in browser or browser-like contexts.

References