CVE-2014-1542Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources
Severity
6.8MEDIUMNVD
EPSS
4.7%
top 10.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla FirefoxOpensuseOpensuse Project Opensuse+1 more
Timeline
PublishedJun 11
Latest updateMay 14

Description

Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages5 packages

Ubuntumozilla/firefox< 30.0+build1-0ubuntu0.14.04.3
NVDmozilla/firefox29.0.1
NVDoracle/solaris11.3

🔴Vulnerability Details

3
GHSA
GHSA-c9fr-v3cp-6wrm: Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 302022-05-14
OSV
CVE-2014-1542: Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 302014-06-11
CVEList
CVE-2014-1542: Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 302014-06-11

📋Vendor Advisories

2
Ubuntu
Firefox vulnerabilities2014-06-11
Red Hat
Mozilla: Buffer overflow in Web Audio Speex resampler (MFSA 2014-53)2014-06-10

💬Community

1
Bugzilla
CVE-2014-1542 Mozilla: Buffer overflow in Web Audio Speex resampler (MFSA 2014-53)2014-06-10
CVE-2014-1542 — Mozilla Firefox vulnerability | cvebase