CVE-2014-1549
CVSS v2.0
9.3 (High)
EPSS
4.44 % (93th)
Affected Products
2
Advisories
4
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Weaknesses
- CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2014-07-23 11:12:42
(10 years ago) - Updated Date
-
2017-01-07 02:59:39
(7 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...