Buffer Overflow Vulnerability in Mozilla Firefox and Thunderbird
CVE-2014-1549 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Learn more about our Web App Pen Testing.