The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 does not properly allocate Web Audio buffer memory, which allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird |
||
mozilla thunderbird 24.3 |
||
mozilla thunderbird 24.4 |
||
mozilla thunderbird 24.0.1 |
||
mozilla thunderbird 24.1 |
||
mozilla thunderbird 24.1.1 |
||
mozilla thunderbird 24.2 |
||
mozilla thunderbird 24.6 |
||
mozilla thunderbird 24.5 |
||
mozilla thunderbird 24.0 |
||
mozilla firefox |