Endpoint Vulnerability

Buffer overflow in libstagefright with CENC offsets

Description

Using Address Sanitizer, security researcher Sascha Just reported a buffer overflow in the libstagefright library due to issues with the handling of CENC offsets and the sizes table. This results in a potentially exploitable crash triggerable through web content.

Affected Products

Firefox

References

CVE-2016-2814,