Mozilla Foundation Security Advisory 2015-80

Out-of-bounds read with malformed MP3 file

Announced
August 11, 2015
Reporter
Aki Helin
Impact
High
Products
Firefox, Firefox ESR, Firefox OS, SeaMonkey
Fixed in
  • Firefox 40
  • Firefox ESR 38.2
  • Firefox OS 2.5
  • SeaMonkey 2.35

Description

Security researcher Aki Helin used the Address Sanitizer tool to discover an out-of-bounds read during playback of a malformed MP3 format audio file which switches sample formats. This could trigger a potentially exploitable crash or the reading of out-of-bounds memory content in some circumstances.

References