CVE-2014-1514 (retired)

Priority
Description
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x
before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not
validate the length of the destination array before a copy operation, which
allows remote attackers to execute arbitrary code or cause a denial of
service (out-of-bounds write and application crash) by triggering incorrect
use of the TypedArrayObject class.
Assigned-to
chrisccoulson
Package
Upstream:released (28.0)
Package
Priority: Low
Upstream:released (24.4.0)
More Information

Updated: 2019-08-23 09:01:06 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)