Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-1258

Опубликовано: 19 мая 2015
Источник: redhat
CVSS2: 5.1
EPSS Низкий

Описание

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6libvpxWill not fix
Red Hat Enterprise Linux 7libvpxWill not fix
Supplementary for Red Hat Enterprise Linux 6chromium-browserFixedRHSA-2015:102325.05.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1223266chromium-browser: Negative-size parameter in Libvpx.

EPSS

Процентиль: 84%
0.02136
Низкий

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-1258

ubuntu
больше 10 лет назад

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

nvd логотип

CVE-2015-1258

nvd
больше 10 лет назад

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

debian логотип

CVE-2015-1258

debian
больше 10 лет назад

Google Chrome before 43.0.2357.65 relies on libvpx code that was not b ...

github логотип

GHSA-mwxh-q8vv-r69f

github
больше 3 лет назад

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

fstec логотип

BDU:2015-10131

fstec
больше 10 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 84%
0.02136
Низкий

5.1 Medium

CVSS2