Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-8640
HistoryJan 14, 2015 - 11:59 a.m.

CVE-2014-8640

2015-01-1411:59:08
CWE-362
[email protected]
web.nvd.nist.gov
6

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.048

Percentile

92.9%

JSON

The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.

Affected configurations

Nvd
Node
mozillafirefoxRange34.0.5
Node
opensuseopensuseMatch13.1
OR
opensuseopensuseMatch13.2
Node
mozillaseamonkeyRange2.31
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
opensuseopensuse13.1cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuseopensuse13.2cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Related

prion 1
cve 1
ubuntucve 1
mozilla 1
openvas 18
cvelist 1
nessus 17
suse 6
archlinux 1
ubuntu 3
mageia 1
securityvulns 1
freebsd 1
gentoo 1
prion
prion
Code injection
2015-01-14 11:59:00
cve
cve
CVE-2014-8640
2015-01-14 11:59:08
ubuntucve
ubuntucve
CVE-2014-8640
2015-01-14 00:00:00
mozilla
mozilla
Read of uninitialized memory in Web Audio — Mozilla
2015-01-13 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-05) - Linux
2021-11-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0180-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0171-1)
2021-06-09 00:00:00
cvelist
cvelist
CVE-2014-8640
2015-01-14 11:00:00
nessus
nessus
SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2015:0171-1)
2015-05-20 00:00:00
SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10225)
2015-02-02 00:00:00
SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2015:0173-1)
2015-05-20 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2015-01-29 07:04:56
Security update for Mozilla Firefox (important)
2015-01-31 01:09:23
Security update for Mozilla Firefox (important)
2015-01-29 07:06:36
archlinux
archlinux
firefox: multiple issues
2015-01-14 00:00:00
ubuntu
ubuntu
Firefox regression
2015-01-27 00:00:00
Ubufox update
2015-01-14 00:00:00
Firefox vulnerabilities
2015-01-14 00:00:00
mageia
mageia
Updated iceape package fixes security vulnerabilities
2015-01-19 19:47:36
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-01-19 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-01-13 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.048

Percentile

92.9%

JSON
Related for NVD:CVE-2014-8640
prion1cve1ubuntucve1mozilla1openvas18cvelist1nessus17suse6archlinux1ubuntu3mageia1securityvulns1freebsd1gentoo1