CVE-2015-1258

EPSS 2.1%

Published: 5/20/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2015-1258

Description

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

Affected packages (1)

Debian/libvpxfrom 0, < 1.4.0-4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1258