Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Chrome
Published: 2015-05-20T10:00:00
Updated: 2016-12-30T15:57:01
Reserved: 2015-01-21T00:00:00
Link: CVE-2015-1258
JSON object: View
NVD Information
Status : Modified
Published: 2015-05-20T10:59:10.667
Modified: 2023-11-07T02:24:27.810
Link: CVE-2015-1258
JSON object: View
Redhat Information
No data.
CWE