Buffer overflow in Mozilla Firefox

CVE-2015-2729

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers t…

Vulnerability class: Buffer Overflow

EPSS: 0.004 (61.9th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox — versions 31.0, 31.1.0, 31.1.1
Mozilla Firefox_esr — versions 31.1, 31.2, 31.3
Mozilla Thunderbird
Oracle Solaris — versions 11.3
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

openSUSE-SU-2015:1229 (vendor-advisory, x_refsource_SUSE)
GLSA-201512-10 (vendor-advisory, x_refsource_GENTOO)
75541 (vdb-entry, x_refsource_BID)
security@mozilla.org (x_refsource_CONFIRM, Third Party Advisory)
RHSA-2015:1207 (x_refsource_REDHAT, vendor-advisory)
USN-2656-1 (x_refsource_UBUNTU, vendor-advisory)
security@mozilla.org (x_refsource_CONFIRM, Issue Tracking)
security@mozilla.org (x_refsource_CONFIRM, Vendor Advisory)
1032783 (vdb-entry, x_refsource_SECTRACK)
USN-2656-2 (x_refsource_UBUNTU, vendor-advisory)