Back to search
CVE-2015-1258
Published: May 20, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
openSUSE-SU-2015:0969
vendor-advisory
x_refsource_SUSE
FEDORA-2015-15936
vendor-advisory
x_refsource_FEDORA
https://codereview.chromium.org/1106303002
x_refsource_CONFIRM
GLSA-201506-04
vendor-advisory
x_refsource_GENTOO
openSUSE-SU-2015:1877
vendor-advisory
x_refsource_SUSE
1032375
vdb-entry
x_refsource_SECTRACK
DSA-3267
vendor-advisory
x_refsource_DEBIAN
https://code.google.com/p/chromium/issues/detail?id=450939
x_refsource_CONFIRM
FEDORA-2015-15935
vendor-advisory
x_refsource_FEDORA
74723
vdb-entry
x_refsource_BID
FEDORA-2015-15934
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now