CVE-2015-2729
Firefox < 39.0 and Firefox ESR < 38.1 - Out-of-Bounds Read in Web Audio AudioParamTimeline
Title source: llmDescription
The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
References (11)
Core 11
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201512-10
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75541
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1207.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2656-1
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1122218
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2015/mfsa2015-62.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032783
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2656-2
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Scores
EPSS
0.0041
EPSS Percentile
61.7%
Details
CWE
CWE-119
Status
published
Products (18)
mozilla/firefox
31.0
mozilla/firefox
31.1.0
mozilla/firefox
31.1.1
mozilla/firefox
31.3.0
mozilla/firefox
31.5.1
mozilla/firefox
31.5.2
mozilla/firefox
31.5.3
mozilla/firefox
38.0
mozilla/firefox
< 38.1.0
mozilla/firefox_esr
31.1
... and 8 more
Published
Jul 06, 2015
Tracked Since
Feb 18, 2026