Endpoint Vulnerability

Buffer underflow during MP3 playback

Description

Security researcher Atte Kettunen used the Address Sanitizer tool to discover a buffer underflow during audio playback of a badly formatted MP3 audio files. Through memory allocation manipulation it may be possible to incorporate parts of Firefox memory into an MP3 stream accessible to scripts on the page.

Affected Products

SeaMonkey

References

CVE-2015-0825,