The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2016-01-31T18:00:00
Updated: 2017-09-09T09:57:01
Reserved: 2016-01-20T00:00:00
Link: CVE-2016-1946
JSON object: View
NVD Information
Status : Modified
Published: 2016-01-31T18:59:12.433
Modified: 2018-10-30T16:27:35.843
Link: CVE-2016-1946
JSON object: View
Redhat Information
No data.