Security Advisory

CVE-2014-1549

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-07-23 10:00:00

Last updated 2024-08-06 09:42:36

Assigner mozilla

State PUBLISHED

Description

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.

← Browse all CVEs View on cve.org ↗