Home

CVE-2015-4506

Description

Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
7.974

Associated Vulnerability

VulnerabilityOS Platform
Update for SeaMonkey (2.38)Windows
Update for Mozilla Firefox (41.0)Windows
Update for Mozilla Firefox (41.0.1)Windows
Update for Mozilla Firefox (41.0.2)Windows
Update for Mozilla Firefox ESR (38.3.0)Windows
Update for Mozilla Thunderbird (38.3.0)Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 40.0.3Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 40.0.3Windows
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (41.0)Mac
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (41.0.1)Mac
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (41.0.2)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac ( 141.0)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (141.0.2)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (141.0.3)Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.0Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.0Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.1.0Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.1.0Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.0.1Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.0.5Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.0.1Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.0.5Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.2.0Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.2.0Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.1.1Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 38.2.1Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.1.1Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 38.2.1Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 40.0.3Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac 38.3Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-301495Update for SeaMonkey (2.38)
PATCH-302184Update for Mozilla Firefox (41.0)
PATCH-302185Update for Mozilla Firefox (41.0.1)
PATCH-302186Update for Mozilla Firefox (41.0.2)
PATCH-302285Update for Mozilla Firefox ESR (38.3.0)
PATCH-302898Update for Mozilla Thunderbird (38.3.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-612783Mozilla Firefox For Mac (145.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234