1
PublicDateAtUSN: 2015-01-14
2
Candidate: CVE-2014-8640
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640
6
https://www.mozilla.org/en-GB/security/advisories/mfsa2015-05/
7
https://usn.ubuntu.com/usn/usn-2458-1
9
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the
10
Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey
11
before 2.32 does not properly restrict timeline operations, which allows
12
remote attackers to cause a denial of service (uninitialized-memory read
13
and application crash) via crafted API calls.
19
Assigned-to: chrisccoulson
22
upstream_firefox: released (35.0)
23
lucid_firefox: ignored (reached end of life)
24
precise_firefox: released (35.0+build3-0ubuntu0.12.04.2)
25
trusty_firefox: released (35.0+build3-0ubuntu0.14.04.2)
26
utopic_firefox: released (35.0+build3-0ubuntu0.14.10.2)
27
devel_firefox: released (35.0+build3-0ubuntu1)