CVE-2018-18503

When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox 65...

UBUNTU-CVE-2018-18503

When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox 65...

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-18500: Use-after-free parsing HTML5 stream CVE-2018-18503: Memory corruption with Audio Buffer CVE-2018-18504: Memory corruption and out-of-bounds read of texture client buffer CVE-2018-18505: Privilege escalation through IPC channel messages CVE-2018-18506:...

Security vulnerabilities fixed in Firefox 65 — Mozilla

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. A crash and out-of-bounds read can occur when the buffer of a texture...

CVE-2018-11626

SELA aka SimplE Lossless Audio v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c initapev2keys function...

Buffer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800, a buffer overflow can occur when processing an audio buffer...

CentOS Update for thunderbird CESA-2018:0648 centos7

Check the version of thunderbird SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882867";...

USN-3485-3: Linux kernel (AWS) vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

LAME 3.99.5 - 'II_step_one' Buffer Overflow

Description: lame is a high quality MPEG Audio Layer III MP3 encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results on the debian bugtracker. In cases like this, when upstream is not active and...

CVE-2016-6832

Heap-based buffer overflow in the ffaudioresample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service crash via vectors related to buffer resizing...

The vulnerability of Thunderbird software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

A vulnerability exists in the mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox and Thunderbird, due to improper handling of Web Audio’s buffer memory allocation. Exploitation of this vulnerability allows malicious actors to execute arbitrary code or cause...

The vulnerability of the Firefox browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

Overfilling the buffer in the Speex decoder of the Web Audio subsystem in Mozilla Firefox allows malicious actors to execute arbitrary code using specially crafted AudioBuffer channel counters and decoding frequencies...

The vulnerability of the iOS operating system, which allows a hacker to trigger a service failure

The vulnerability of the Audio component in the iOS operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to cause a service failure using a specially crafted audio file...

CVE-2014-1549

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and...

CVE-2014-1549

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and...

UBUNTU-CVE-2014-1549

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and...

UBUNTU-CVE-2014-1542

Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate...