GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gstreamer | Gstreamer_project | * | * |
Firefox | Mozilla | * | * |
Firefox_esr | Mozilla | 31.0 | * |
Seamonkey | Mozilla | * | * |
Thunderbird | Mozilla | * | * |
Thunderbird | Mozilla | 38.0 | * |