Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
References
Configurations
History
No history.
Information
Published : 2015-05-20 10:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-1258
Mitre link : CVE-2015-1258
CVE.ORG link : CVE-2015-1258
JSON object : View
Products Affected
- chrome
debian
- debian_linux
CWE
CWE-189
Numeric Errors