CVE-2014-8640
CVSS v2.0
5 (Medium)
EPSS
4.80 % (93th)
Affected Products
3
Advisories
3
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
Weaknesses
- CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2015-01-14 11:59:08
(9 years ago) - Updated Date
-
2018-10-30 16:27:35
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...