Endpoint Vulnerability

Out of bounds read during WAV file decoding

Description

Security researcher Atte Kettunen from OUSPG reported an out of bounds read during the decoding of WAV format audio files for playback. This could allow web content access to heap data as well as causing a crash.

Affected Products

Thunderbird

References

CVE-2014-1497,