CVE-2015-0797

Published: May 14, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

Affected (39)

Products: Gstreamer: Gstreamer · Mozilla: Firefox, Seamonkey, Thunderbird · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · +2 more

Show all products

Gstreamer: Gstreamer · Mozilla: Firefox, Seamonkey, Thunderbird · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Software Development Kit · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Debian: Debian Linux

1 product

3 products

3 products

Linux Enterprise Desktop

Linux Enterprise Server

Linux Enterprise Software Development Kit

Redhat

6 products

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Tus

Enterprise Linux Workstation

Debian

1 product

Debian Linux

Configuration A

6 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gstreamer Gstreamer	Before 1.4.5
Mozilla Firefox	Before 38.0
Mozilla Firefox	From 31.0 to 31.7
Mozilla Seamonkey	Before 2.35
Mozilla Thunderbird	Before 31.7
Mozilla Thunderbird	From 38.0 to 38.0.1

Running on/with	Platform Versions
Linux Linux Kernel	All versions

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Suse Linux Enterprise Desktop	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Software Development Kit	Version 11 sp3

Configuration C

26 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Eus	Version 6.6
Redhat Enterprise Linux Eus	Version 7.1
Redhat Enterprise Linux Eus	Version 7.2
Redhat Enterprise Linux Eus	Version 7.3
Redhat Enterprise Linux Eus	Version 7.4
Redhat Enterprise Linux Eus	Version 7.5
Redhat Enterprise Linux Eus	Version 7.6
Redhat Enterprise Linux Eus	Version 7.7
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Aus	Version 6.6
Redhat Enterprise Linux Server Aus	Version 7.3
Redhat Enterprise Linux Server Aus	Version 7.4
Redhat Enterprise Linux Server Aus	Version 7.6
Redhat Enterprise Linux Server Aus	Version 7.7
Redhat Enterprise Linux Server Tus	Version 6.6
Redhat Enterprise Linux Server Tus	Version 7.3
Redhat Enterprise Linux Server Tus	Version 7.6
Redhat Enterprise Linux Server Tus	Version 7.7
Redhat Enterprise Linux Workstation	Version 5.0
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0