Search for vulnerabilities
| Vulnerability ID | VCID-9kxm-srck-suga |
| Aliases |
CVE-2015-7222
|
| Summary | Mozilla developer Gerald Squelart fixed an integer underflow in the libstagefright library initially reported by Joshua Drake to Google. The issues occurred in MP4 format video file while parsing cover metadata, leading to a buffer overflow. This results in a potentially exploitable crash and can be triggered by a malformed MP4 file served by web content. In general this flaw cannot be exploited through email in the Thunderbird product, but is potentially a risk in browser or browser-like contexts. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 8.0 |
| Risk | 4.0 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| epss | 0.03351 | https://api.first.org/data/v1/epss?cve=CVE-2015-7222 |
| generic_textual | high | https://www.mozilla.org/en-US/security/advisories/mfsa2015-147 |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7222.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2015-7222 | ||
| 1291597 | https://bugzilla.redhat.com/show_bug.cgi?id=1291597 | |
| CVE-2015-7222 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7222 | |
| mfsa2015-147 | https://www.mozilla.org/en-US/security/advisories/mfsa2015-147 | |
| RHSA-2015:2657 | https://access.redhat.com/errata/RHSA-2015:2657 | |
| USN-2833-1 | https://usn.ubuntu.com/2833-1/ |
| Percentile | 0.86843 |
| EPSS Score | 0.03351 |
| Published At | July 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:10:57.681971+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-147.md | 37.0.0 |