Denial of service vulnerability in Google Chrome via a crafted frame size in VP9 video data (rpm)ID: oval:org.secpod.oval:def:24920 | Date: (C)2015-06-12 (M)2022-09-22 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome before 43.0.2357.65 and is prone to a denial of service vulnerability. A flaw is present in the libvpx code, which was not built with an appropriate --size-limit value. Successful exploitation could allow attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact.