The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 does not properly restrict timeline operations, which allows remote malicious users to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
opensuse opensuse 13.2 |
||
opensuse opensuse 13.1 |
||
mozilla seamonkey |