Mozilla Firefox CVE-2015-7222 Numeric Errors Vulnerability
Description
Mozilla developer Gerald Squelart fixed an integer underflow in the libstagefright library initially reported by Joshua Drake to Google. The issues occurred in MP4 format video file while parsing cover metadata, leading to a buffer overflow. This results in a potentially exploitable crash and can be triggered by a malformed MP4 file served by web content.
Affected Applications
Firefox
Firefox ESR