Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2014-53

Buffer overflow in Web Audio Speex resampler

Announced
June 10, 2014
Reporter
Holger Fuhrmannek
Impact
Critical
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 30
  • SeaMonkey 2.26.1

Description

Security researcher Holger Fuhrmannek used the used the Address Sanitizer tool to discover a buffer overflow with the Speex resampler in Web Audio when working with audio content that exceeds expected bounds. This leads to a potentially exploitable crash.

References