Mozilla Foundation Security Advisory 2015-21

Buffer underflow during MP3 playback

Announced
February 24, 2015
Reporter
Atte Kettunen
Impact
Medium
Products
Firefox, Firefox OS, SeaMonkey
Fixed in
  • Firefox 36
  • Firefox OS 2.2
  • SeaMonkey 2.33

Description

Security researcher Atte Kettunen used the Address Sanitizer tool to discover a buffer underflow during audio playback of a badly formatted MP3 audio files. Through memory allocation manipulation it may be possible to incorporate parts of Firefox memory into an MP3 stream accessible to scripts on the page.

References