Lucene search

K

MozillaCVELIST:CVE-2014-1565

HistorySep 03, 2014 - 10:00 a.m.

CVE-2014-1565

2014-09-0310:00:00

mozilla

www.cve.org

6

AI Score

9.1

Confidence

High

EPSS

0.009

Percentile

82.5%

The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.

References

lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html

lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html

lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

lists.opensuse.org/opensuse-updates/2014-09/msg00011.html

secunia.com/advisories/60148

secunia.com/advisories/61114

www.mozilla.org/security/announce/2014/mfsa2014-70.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securityfocus.com/bid/69521

www.securitytracker.com/id/1030793

www.securitytracker.com/id/1030794

bugzilla.mozilla.org/show_bug.cgi?id=1047831

security.gentoo.org/glsa/201504-01

AI Score

9.1

Confidence

High

EPSS

0.009

Percentile

82.5%

Related for CVELIST:CVE-2014-1565

mozilla1 cve1 openvas13 prion1 ubuntucve1 nvd1 nessus13 suse4 ubuntu2 securityvulns1 mageia1 gentoo1