Endpoint Vulnerability

Buffer overflow parsing H.264 video with Linux GStreamer

Description

Security researcher Aki Helin used the Address Sanitizer tool to find a buffer overflow during video playback on Linux systems. The overflow was caused by a problem in older versions of the GStreamer plugin when parsing H.264-formatted video. This issue could be used to induce a possibly exploitable crash.

Affected Products

Firefox, Firefox ESR

References

CVE-2015-0797