Vulnerability Details : CVE-2014-1577
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-1577
Probability of exploitation activity in the next 30 days: 9.81%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-1577
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
10.0
|
4.9
|
NIST |
References for CVE-2014-1577
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html
[SECURITY] Fedora 20 Update: firefox-33.0-1.fc20
-
http://rhn.redhat.com/errata/RHSA-2014-1647.html
RHSA-2014:1647 - Security Advisory - Red Hat Customer Portal
-
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html
[SECURITY] Fedora 21 Update: firefox-33.0-1.fc21
-
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
[security-announce] openSUSE-SU-2015:0138-1: important: Firefox update t
-
http://www.mozilla.org/security/announce/2014/mfsa2014-76.html
Web Audio memory corruption issues with custom waveforms — MozillaVendor Advisory
-
https://advisories.mageia.org/MGASA-2014-0421.html
Mageia Advisory: MGASA-2014-0421 - Updated firefox and thunderbird packages fix security vulnerabilities
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Oracle Solaris Third Party Bulletin - April 2015
-
http://www.securitytracker.com/id/1031028
Mozilla Firefox Bugs Let Remote Users Execute Arbitrary Code, Bypass Same Origin-Policy, and Obtain Potentially Sensitive Information - SecurityTracker
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html
openSUSE-SU-2014:1343-1: moderate: update for MozillaThunderbird
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html
openSUSE-SU-2014:1346-1: moderate: update for MozillaThunderbird
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1012609
1012609 - (CVE-2014-1577) Out-of-Bounds Read in mozilla::dom::OscillatorNodeEngine::ComputeCustom with negative frequency
-
http://www.debian.org/security/2014/dsa-3061
Debian -- Security Information -- DSA-3061-1 icedove
-
https://security.gentoo.org/glsa/201504-01
Mozilla Products: Multiple vulnerabilities (GLSA 201504-01) — Gentoo security
-
http://www.debian.org/security/2014/dsa-3050
Debian -- Security Information -- DSA-3050-1 iceweasel
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html
openSUSE-SU-2014:1344-1: moderate: update for firefox, mozilla-nspr, moz
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
[security-announce] openSUSE-SU-2015:1266-1: important: Mozilla (Firefox
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html
openSUSE-SU-2014:1345-1: moderate: update for firefox, mozilla-nspr, moz
-
http://www.ubuntu.com/usn/USN-2372-1
USN-2372-1: Firefox vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2373-1
USN-2373-1: Thunderbird vulnerabilities | Ubuntu security notices
-
http://www.securitytracker.com/id/1031030
Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.securityfocus.com/bid/70440
Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
-
http://rhn.redhat.com/errata/RHSA-2014-1635.html
RHSA-2014:1635 - Security Advisory - Red Hat Customer Portal
Products affected by CVE-2014-1577
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:31.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*