The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2014-03-19 10:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-1497
Mitre link : CVE-2014-1497
CVE.ORG link : CVE-2014-1497
JSON object : View
Products Affected
redhat
- enterprise_linux_eus
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_server_tus
- enterprise_linux_workstation
canonical
- ubuntu_linux
suse
- suse_linux_enterprise_software_development_kit
- suse_linux_enterprise_server
- suse_linux_enterprise_desktop
opensuse
- opensuse
mozilla
- firefox_esr
- seamonkey
- thunderbird
- firefox
debian
- debian_linux
CWE
CWE-125
Out-of-bounds Read