CVE-2015-0797

N/A Unknown
Published: May 14, 2015 Modified: March 17, 2026
View on NVD

Description

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00017.html
Source: security@mozilla.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html
Source: security@mozilla.org
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html
Source: security@mozilla.org
Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0988.html
Source: security@mozilla.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1012.html
Source: security@mozilla.org
Third Party Advisory
http://www.debian.org/security/2015/dsa-3225
Source: security@mozilla.org
Third Party Advisory
http://www.debian.org/security/2015/dsa-3260
Source: security@mozilla.org
Third Party Advisory
http://www.debian.org/security/2015/dsa-3264
Source: security@mozilla.org
Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-47.html
Source: security@mozilla.org
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Source: security@mozilla.org
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1080995
Source: security@mozilla.org
Issue Tracking Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html
Source: security@mozilla.org
Mailing List Third Party Advisory
https://security.gentoo.org/glsa/201512-07
Source: security@mozilla.org
Third Party Advisory
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
Source: security@mozilla.org
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00017.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0988.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1012.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2015/dsa-3225
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2015/dsa-3260
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2015/dsa-3264
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-47.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1080995
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
https://security.gentoo.org/glsa/201512-07
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

28 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.6%
92th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

linux redhat gstreamer suse mozilla debian