1. Home
  2. Vulnerabilities
  3. CVE-2014-1522

CVE-2014-1522

CVSS v2.0 9.3 (High)
93% Progress
EPSS 0.91 % (83th)
0.91% Progress
Affected Products 5
Advisories 3
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.

Weaknesses
CWE-125
Out-of-bounds Read
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2014-04-30 10:49:04
(10 years ago)
Updated Date
2020-08-14 17:46:59
(4 years ago)

Affected Products

Canonical

Fedoraproject

Mozilla

Opensuse

Configuration #1

    CPE23 From Up To
  Fedoraproject Fedora 19 cpe:2.3:o:fedoraproject:fedora:19

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm
  Canonical Ubuntu Linux 12.10 cpe:2.3:o:canonical:ubuntu_linux:12.10
  Canonical Ubuntu Linux 13.10 cpe:2.3:o:canonical:ubuntu_linux:13.10
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm

Configuration #3

    CPE23 From Up To
  Opensuse 12.3 cpe:2.3:o:opensuse:opensuse:12.3
  Opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1

Configuration #4

    CPE23 From Up To
  Mozilla Firefox prior 29.0 version cpe:2.3:a:mozilla:firefox < 29.0
  Mozilla Seamonkey prior 2.26 version cpe:2.3:a:mozilla:seamonkey < 2.26