The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox prior to 33.0, Firefox ESR 31.x prior to 31.2, and Thunderbird 31.x prior to 31.2 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 31.1.0 |
||
mozilla firefox esr 31.0 |
||
mozilla thunderbird 31.1.0 |
||
mozilla thunderbird 31.0 |
||
mozilla firefox 31.0 |
||
mozilla firefox 30.0 |
||
mozilla firefox |
||
mozilla firefox 31.1.0 |