Описание
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 35.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [35.0+build3-0ubuntu0.14.04.2]] |
| lucid | ignored | end of life |
| precise | released | 35.0+build3-0ubuntu0.12.04.2 |
| trusty | released | 35.0+build3-0ubuntu0.14.04.2 |
| trusty/esm | DNE | trusty was released [35.0+build3-0ubuntu0.14.04.2] |
| upstream | released | 35.0 |
| utopic | released | 35.0+build3-0ubuntu0.14.10.2 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in ...
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
5 Medium
CVSS2