Mozilla : Security Vulnerabilities, CVEs, Published In July 2014 (Overflow)
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Max CVSS
9.3
EPSS Score
4.44%
Published
2014-07-23
Updated
2017-01-07
1 vulnerabilities found