CVE Vulnerabilities

CVE-2015-0797

Published: May 14, 2015 | Modified: Sep 28, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
5.1 MODERATE
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

Affected Software

Name Vendor Start Version End Version
Gstreamer Gstreamer_project * 1.4.5 (excluding)
Firefox Mozilla * 38.0 (excluding)
Firefox_esr Mozilla 31.0 (including) 31.7 (excluding)
Seamonkey Mozilla * 2.35 (excluding)
Thunderbird Mozilla * 31.7 (excluding)
Thunderbird Mozilla 38.0 (including) 38.0.1 (excluding)
Red Hat Enterprise Linux 5 RedHat firefox-0:38.0-4.el5_11 *
Red Hat Enterprise Linux 6 RedHat firefox-0:38.0-4.el6_6 *
Red Hat Enterprise Linux 7 RedHat firefox-0:38.0-3.el7_1 *
Gst-plugins-bad0.10 Ubuntu devel *
Gst-plugins-bad0.10 Ubuntu lucid *
Gst-plugins-bad0.10 Ubuntu precise *
Gst-plugins-bad0.10 Ubuntu trusty *
Gst-plugins-bad0.10 Ubuntu trusty/esm *
Gst-plugins-bad0.10 Ubuntu utopic *

References