CVE-2014-1549
Publication date 22 July 2014
Last updated 24 July 2024
Ubuntu priority
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 14.04 LTS trusty |
Fixed 31.0+build1-0ubuntu0.14.04.1
|
thunderbird | 14.04 LTS trusty |
Fixed 1:31.0+build1-0ubuntu0.14.04.1
|
References
Related Ubuntu Security Notices (USN)
- USN-2296-1
- Thunderbird vulnerabilities
- 22 July 2014
- USN-2295-1
- Firefox vulnerabilities
- 22 July 2014