Buffer Overflow Vulnerability in Mozilla Firefox and Thunderbird

Buffer Overflow Vulnerability in Mozilla Firefox and Thunderbird

CVE-2014-1549 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.

Learn more about our Web App Pen Testing.