Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-8640
HistoryJan 14, 2015 - 12:00 a.m.

CVE-2014-8640

2015-01-1400:00:00
ubuntu.com
ubuntu.com
12

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.054 Low

EPSS

Percentile

92.9%

The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the
Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey
before 2.32 does not properly restrict timeline operations, which allows
remote attackers to cause a denial of service (uninitialized-memory read
and application crash) via crafted API calls.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchfirefox< 35.0+build3-0ubuntu0.12.04.2UNKNOWN
ubuntu14.04noarchfirefox< 35.0+build3-0ubuntu0.14.04.2UNKNOWN
ubuntu14.10noarchfirefox< 35.0+build3-0ubuntu0.14.10.2UNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.054 Low

EPSS

Percentile

92.9%