Published: 06/11/2010 Updated: 07/11/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

WebM libvpx (aka the VP8 Codec SDK) prior to 0.9.5, as used in Google Chrome prior to 7.0.517.44, allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
webmproject libvpx
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0

Debian Bug report logs - #602693 Memory corruption in libvpx Package: libvpx; Maintainer for libvpx is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Giuseppe Iuculano <iuculano@debianorg> Date: Sun, 7 Nov 2010 09:30:01 UTC Severity: serious Tags: patch, security F ...

libvpx applications could be made to run programs as your login if it opened a specially crafted file ...

CWE-190 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://code.google.com/p/chromium/issues/detail?id=60055 http://secunia.com/advisories/42118 http://secunia.com/advisories/42109 http://secunia.com/advisories/42690 https://rhn.redhat.com/errata/RHSA-2010-0999.html http://security.gentoo.org/glsa/glsa-201101-03.xml http://www.vupen.com/english/advisories/2011/0115 http://secunia.com/advisories/42908 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198 http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=blob%3Bf=CHANGELOG http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=commit%3Bh=09bcc1f710ea65dc158639479288fb1908ff0c53 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602693 https://usn.ubuntu.com/1015-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4203

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect