Mozilla Firefox 47.0.1: Execute Code, Overflow, Bypass a Restriction or Similar Vulnerability
24 Oct. 2016
Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.
* Mozilla Firefox 47.0.1
* Mozilla Firefox ESR 45.1.0
* Mozilla Firefox ESR 45.1.1
* Mozilla Firefox ESR 45.2.0
* Mozilla Firefox ESR 45.3.0
An anonymous security researcher working with Trend Micro's Zero Day Initiative reported a buffer overflow in the ClearKey Content Decryption Module (CDM) used by the Encrypted Media Extensions (EME) API. This vulnerability can be triggered using a malformed video file due to incorrect error handling. This could allow arbitrary code execution if combined with a second vulnerability that allows an escape from the Gecko Media Plugin (GMP) sandbox. Without such a vulnerability, the buffer overflow is contained within the GMP sandbox and cannot be exploited.