Google Chrome prior to 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote malicious users to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 8.0 |
||
google chrome |