admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-44xx/CVE-2015-4493.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

227 lines
7.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-4493",
"sourceIdentifier": "security@mozilla.org",
"published": "2015-08-16T01:59:21.987",
"lastModified": "2018-10-30T16:27:35.843",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n stagefright::ESDS::parseESDescriptor en libstagefright en Mozilla Firefox en versiones anteriores a 40.0 y Firefox ESR 38.x en versiones anteriores a 38.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un campo de tama\u00f1o no v\u00e1lido en un fragmento esds en los datos de v\u00eddeo MPEG-4, un caso relacionado con CVE-2015-1539."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndIncluding": "39.0.3",
"matchCriteriaId": "40AB4FC4-00EA-4C4E-81D8-170BD068B28B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1DD76B-7682-4F61-B274-115D8A9B5306"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "332589F6-C6DB-4204-97FA-B60105BBF146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A04D6EAE-C709-4752-976E-DB15EE6E85B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE52B8E3-3BA8-46DB-948E-958739FE91B1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html",
"source": "security@mozilla.org"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html",
"source": "security@mozilla.org"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-1586.html",
"source": "security@mozilla.org"
},
{
"url": "http://www.debian.org/security/2015/dsa-3333",
"source": "security@mozilla.org"
},
{
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-83.html",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1033247",
"source": "security@mozilla.org"
},
{
"url": "http://www.ubuntu.com/usn/USN-2702-1",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2702-2",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2702-3",
"source": "security@mozilla.org"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186718",
"source": "security@mozilla.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://hg.mozilla.org/mozilla-central/rev/a674c7019cb5",
"source": "security@mozilla.org"
},
{
"url": "https://security.gentoo.org/glsa/201605-06",
"source": "security@mozilla.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink